SELinux: clear parent death signal on SID transitions

Clear parent death signal on SID transitions to prevent unauthorized signaling between SIDs. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: Eric Paris <eparis@parisplace.org> Signed-off-by: James Morris <jmorris@localhost.localdomain> Signed-off-by: Adrian Bunk <bunk@kernel.org>
author: Stephen Smalley <sds@tycho.nsa.gov> 2007-10-19 01:27:51 +0200
committer: Adrian Bunk <bunk@kernel.org> 2007-10-19 01:27:51 +0200
commit: d289a630aa101eb5d168f054c96298c87673408e (patch)
tree: a990b7bd7618af3743169d4459377a4cb6144e7d /security
parent: b1deecae30b54772fc6d114396dbce85a1c8a5b1 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index b65c201e9ff5..d66485f863b2 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1740,6 +1740,9 @@ static void selinux_bprm_post_apply_creds(struct linux_binprm *bprm)
 		spin_unlock_irq(&current->sighand->siglock);
 	}
 
+	/* Always clear parent death signal on SID transitions. */
+	current->pdeath_signal = 0;
+
 	/* Check whether the new SID can inherit resource limits
 	   from the old SID.  If not, reset all soft limits to
 	   the lower of the current task's hard limit and the init
author	Stephen Smalley <sds@tycho.nsa.gov>	2007-10-19 01:27:51 +0200
committer	Adrian Bunk <bunk@kernel.org>	2007-10-19 01:27:51 +0200
commit	d289a630aa101eb5d168f054c96298c87673408e (patch)
tree	a990b7bd7618af3743169d4459377a4cb6144e7d /security
parent	b1deecae30b54772fc6d114396dbce85a1c8a5b1 (diff)