Properly return the error from mls_subject_privileged() in the ifnet

relabel check for MLS rather than returning 0 directly.

This problem didn't result in a vulnerability currently as the central
implementation of ifnet relabeling also checks for UNIX privilege, and
we currently don't guarantee containment for the root user in mac_mls,
but we should be using the MLS definition of privilege as well as the
UNIX definition in anticipation of supporting root containment at some
point.

MFC after:	3 days
Submitted by:	Zhouyi Zhou <zhouzhouyi at gmail dot com>
Sponsored by:	Google SoC 2007
This commit is contained in:
Robert Watson 2008-01-28 10:20:18 +00:00
parent 7572a9c749
commit 5ac3b03500

View File

@ -964,9 +964,7 @@ mls_ifnet_check_relabel(struct ucred *cred, struct ifnet *ifp,
/*
* Relabeling network interfaces requires MLS privilege.
*/
error = mls_subject_privileged(subj);
return (0);
return (mls_subject_privileged(subj));
}
static int