svn commit: r183970 - head/sys/security/mac_partition
Bjoern A. Zeeb
bz at FreeBSD.org
Fri Oct 17 08:58:34 UTC 2008
Author: bz
Date: Fri Oct 17 08:58:33 2008
New Revision: 183970
URL: http://svn.freebsd.org/changeset/base/183970
Log:
Use the label from the socket credential rather than the
solabel which was not set by the mac_partition policy.
Spotted by: rwatson
Reviewed by: rwatson
MFC after: 3 days
Modified:
head/sys/security/mac_partition/mac_partition.c
Modified: head/sys/security/mac_partition/mac_partition.c
==============================================================================
--- head/sys/security/mac_partition/mac_partition.c Fri Oct 17 08:30:20 2008 (r183969)
+++ head/sys/security/mac_partition/mac_partition.c Fri Oct 17 08:58:33 2008 (r183970)
@@ -51,6 +51,7 @@
#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/sbuf.h>
+#include <sys/socketvar.h>
#include <sys/systm.h>
#include <sys/sysctl.h>
@@ -248,7 +249,7 @@ partition_socket_check_visible(struct uc
{
int error;
- error = label_on_label(cred->cr_label, solabel);
+ error = label_on_label(cred->cr_label, so->so_cred->cr_label);
return (error ? ENOENT : 0);
}
More information about the svn-src-head
mailing list