Properly return the error from mls_subject_privileged() in the ifnet
relabel check for MLS rather than returning 0 directly. This problem does not currently result in a vulnerability, as the central implementation of ifnet relabeling also checks for UNIX privilege, and we currently don't guarantee containment for the root user in mac_mls, but we should be using the MLS definition of privilege as well as the UNIX definition in anticipation of supporting root containment at some point. MFC after: 3 days Submitted by: Zhouyi Zhou <zhouzhouyi at gmail dot com> Sponsored by: Google SoC 2007
parent
7572a9c749
commit
5ac3b03500
@ -964,9 +964,7 @@ mls_ifnet_check_relabel(struct ucred *cred, struct ifnet *ifp,
|
||||
/*
|
||||
* Relabeling network interfaces requires MLS privilege.
|
||||
*/
|
||||
error = mls_subject_privileged(subj);
|
||||
|
||||
return (0);
|
||||
return (mls_subject_privileged(subj));
|
||||
}
|
||||
|
||||
static int
|
||||
|
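Review bot: The comment above the new `return (mls_subject_privileged(subj));` says only that relabeling requires MLS privilege. It does not record that this return value is now what enforces the requirement, independently of the UNIX privilege check the commit message attributes to the central ifnet relabel code. I would extend it to something like `Relabeling network interfaces requires MLS privilege; return the result so the policy itself denies unprivileged subjects rather than relying on the framework's UNIX privilege check.` The function body starts above the hunk, so the declaration of `error` is not visible here. If nothing earlier in mls_ifnet_check_relabel still assigns it, the declaration should be removed along with this use to avoid an unused-variable warning.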