security: keys: perform capable check only on privileged operations - kernel/linux.git

diff options

author	Christian Göttsche <cgzones@googlemail.com>	2023-05-11 15:32:52 +0300
committer	Jarkko Sakkinen <jarkko@kernel.org>	2023-07-28 21:07:41 +0300
commit	2d7f105edbb3b2be5ffa4d833abbf9b6965e9ce7 (patch)
tree	f6ebc1b970968129a1bacc8b1468de0fbe77f93d /drivers/char
parent	57012c57536f8814dec92e74197ee96c3498d24e (diff)
download	linux-2d7f105edbb3b2be5ffa4d833abbf9b6965e9ce7.tar.xz

security: keys: perform capable check only on privileged operations

If the current task fails the check for the queried capability via `capable(CAP_SYS_ADMIN)` LSMs like SELinux generate a denial message. Issuing such denial messages unnecessarily can lead to a policy author granting more privileges to a subject than needed to silence them. Reorder CAP_SYS_ADMIN checks after the check whether the operation is actually privileged. Signed-off-by: Christian Göttsche <cgzones@googlemail.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>

Diffstat (limited to 'drivers/char')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: