author | Stephen D. Smalley <sds@epoch.ncsc.mil> | 2003-02-06 12:37:12 +1100 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@kernel.bkbits.net> | 2003-02-06 12:37:12 +1100 |
commit | 7c9bf63f9a5559811ffdc17e6dc70cb8df4a5bf6 (patch) | |
tree | ca4dd56a5f76c19c8b4a6b18b06407a3cd91148e /security | |
parent | c1b447c2276e3485d77e6afe6447cada4e23d624 (diff) | |
download | history-7c9bf63f9a5559811ffdc17e6dc70cb8df4a5bf6.tar.gz |
[PATCH] LSM: Add LSM syslog hook to 2.5.59
This patch adds the LSM security_syslog hook for controlling the
syslog(2) interface relative to 2.5.59 plus the previously posted
security_sysctl patch. In response to earlier comments by Christoph,
the existing capability check for syslog(2) is moved into the
capability security module hook function, and a corresponding dummy
security module hook function is defined that provides traditional
superuser behavior. The LSM hook is placed in do_syslog rather than
sys_syslog so that it is called when either the system call interface
or the /proc/kmsg interface is used. SELinux uses this hook to
control access to the kernel message ring and to the console log
level.
Diffstat (limited to 'security')
-rw-r--r-- | security/capability.c | 10 | ||||
-rw-r--r-- | security/dummy.c | 8 |
2 files changed, 18 insertions, 0 deletions
diff --git a/security/capability.c b/security/capability.c
index cf6d2440a21d21..1395dcf3c51a38 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -262,6 +262,13 @@ void cap_task_reparent_to_init (struct task_struct *p)
 	return;
 }
+int cap_syslog (int type)
+{
+	if ((type != 3) && !capable(CAP_SYS_ADMIN))
+		return -EPERM;
+	return 0;
+}
+
 EXPORT_SYMBOL(cap_capable);
 EXPORT_SYMBOL(cap_ptrace);
 EXPORT_SYMBOL(cap_capget);
@@ -272,6 +279,7 @@ EXPORT_SYMBOL(cap_bprm_compute_creds);
 EXPORT_SYMBOL(cap_task_post_setuid);
 EXPORT_SYMBOL(cap_task_kmod_set_label);
 EXPORT_SYMBOL(cap_task_reparent_to_init);
+EXPORT_SYMBOL(cap_syslog);
 #ifdef CONFIG_SECURITY
@@ -289,6 +297,8 @@ static struct security_operations capability_ops = {
 	.task_post_setuid = cap_task_post_setuid,
 	.task_kmod_set_label = cap_task_kmod_set_label,
 	.task_reparent_to_init = cap_task_reparent_to_init,
+
+	.syslog = cap_syslog,
 };
 #if defined(CONFIG_SECURITY_CAPABILITIES_MODULE)
diff --git a/security/dummy.c b/security/dummy.c
index e6dc155a200d19..51afe400c3ad08 100644
--- a/security/dummy.c
+++ b/security/dummy.c
@@ -90,6 +90,13 @@ static int dummy_quota_on (struct file *f)
 	return 0;
 }
+static int dummy_syslog (int type)
+{
+	if ((type != 3) && current->euid)
+		return -EPERM;
+	return 0;
+}
+
 static int dummy_bprm_alloc_security (struct linux_binprm *bprm)
 {
 	return 0;
@@ -640,6 +647,7 @@ void security_fixup_ops (struct security_operations *ops)
 	set_to_dummy_if_null(ops, quotactl);
 	set_to_dummy_if_null(ops, quota_on);
 	set_to_dummy_if_null(ops, sysctl);
+	set_to_dummy_if_null(ops, syslog);
 	set_to_dummy_if_null(ops, bprm_alloc_security);
 	set_to_dummy_if_null(ops, bprm_free_security);
 	set_to_dummy_if_null(ops, bprm_compute_creds); |
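Review bot: The exemption in `cap_syslog` is keyed on the bare literal `3`, so a reader of security/capability.c cannot tell which syslog(2) command is being allowed without CAP_SYS_ADMIN or why, and the new hook function carries no comment at all. Presumably 3 is the "read all remaining messages" command that do_syslog has traditionally let unprivileged callers use, while every other command — including the ones that clear the ring buffer or change the console log level — stays privileged; I would add `/* type 3 (read all remaining messages) is unprivileged; every other command, including clearing the ring and setting the console log level, needs CAP_SYS_ADMIN */` above the `if`. A named constant shared with the kernel/printk.c caller would be better than the literal, but that caller is outside this diffstat (limited to 'security'), so whether the hook is reached before do_syslog's own switch on type cannot be confirmed here.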
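Review bot: `dummy_syslog` hard-codes the same `type != 3` exemption as the capability module, so the set of unprivileged syslog commands is now spelled out in two files with nothing tying them together; if one is later widened the other silently diverges. At minimum the `if` deserves `/* must match cap_syslog: only type 3 (read all) is unprivileged */`, or better, the value should be named once in the shared security header and used by both modules. The `current->euid` test follows the dummy module's traditional-superuser convention and is not a defect, but it does mean a process that holds CAP_SYS_ADMIN without euid 0 is refused here while `cap_syslog` would admit it — worth a sentence in the description if that difference is intentional.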