aboutsummaryrefslogtreecommitdiff
path: root/security/smack/smack.h
diff options
context:
space:
mode:
authorCasey Schaufler <casey@schaufler-ca.com>2008-07-30 15:37:11 -0700
committerJames Morris <jmorris@namei.org>2008-08-05 10:55:53 +1000
commit15446235367fa4a621ff5abfa4b6ebbe25b33763 (patch)
treebc6823055afbef26560c63f8041caeadd4cef078 /security/smack/smack.h
parentcf9481e289247fe9cf40f2e2481220d899132049 (diff)
downloadlinux-linaro-stable-15446235367fa4a621ff5abfa4b6ebbe25b33763.tar.gz
smack: limit privilege by label
There have been a number of requests to make the Smack LSM enforce MAC even in the face of privilege, either capability based or superuser based. This is not universally desired, however, so it seems desirable to make it optional. Further, at least one legacy OS implemented a scheme whereby only processes running with one particular label could be exempt from MAC. This patch supports these three cases. If /smack/onlycap is empty (unset or null-string) privilege is enforced in the normal way. If /smack/onlycap contains a label only processes running with that label may be MAC exempt. If the label in /smack/onlycap is the star label ("*") the semantics of the star label combine with the privilege restrictions to prevent any violations of MAC, even in the presence of privilege. Again, this will be independent of the privilege scheme. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Reviewed-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/smack/smack.h')
-rw-r--r--security/smack/smack.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/security/smack/smack.h b/security/smack/smack.h
index 4a4477f5afdc..31dce559595a 100644
--- a/security/smack/smack.h
+++ b/security/smack/smack.h
@@ -178,6 +178,7 @@ u32 smack_to_secid(const char *);
extern int smack_cipso_direct;
extern int smack_net_nltype;
extern char *smack_net_ambient;
+extern char *smack_onlycap;
extern struct smack_known *smack_known;
extern struct smack_known smack_known_floor;