[PATCH] selinux: tracer SID fix

Fix SELinux to not reset the tracer SID when the child is already being traced, since selinux_ptrace is also called by proc for access checking outside of the context of a ptrace attach. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: James Morris <jmorris@namei.org> Acked-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>

[PATCH] selinux: tracer SID fix
Fix SELinux to not reset the tracer SID when the child is already being traced, since selinux_ptrace is also called by proc for access checking outside of the context of a ptrace attach. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: James Morris <jmorris@namei.org> Acked-by: Chris Wright <chrisw@sous-sol.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
341c2d80 · Stephen Smalley · Linus Torvalds · 4136cabf · 341c2d80
Commit 341c2d80 authored Mar 11, 2006 by Stephen Smalley Committed by Linus Torvalds Mar 11, 2006
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

security/selinux/hooks.c security/selinux/hooks.c +1 -1

No files found.
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1262,7 +1262,7 @@ static int selinux_ptrace(struct task_struct *parent, struct task_struct *child)

 	rc = task_has_perm(parent, child, PROCESS__PTRACE);
 	/* Save the SID of the tracing process for later use in apply_creds. */
-	if (!rc)
+	if (!(child->ptrace & PT_PTRACED) && !rc)
 		csec->ptrace_sid = psec->sid;
 	return rc;
 }