Date: Wed, 30 May 2007 13:50:28 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 120628 for review Message-ID: <200705301350.l4UDoSrA087849@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=120628 Change 120628 by rwatson@rwatson_zoo on 2007/05/30 13:50:22 Restore lost MAC check for auditctl(). Affected files ... .. //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#40 edit Differences ... ==== //depot/projects/trustedbsd/audit3/sys/security/audit/audit_syscalls.c#40 (text+ko) ==== @@ -654,7 +654,17 @@ return (error); vfslocked = NDHASGIANT(&nd); vp = nd.ni_vp; +#ifdef MAC + error = mac_check_system_auditctl(td->td_ucred, vp); + VOP_UNLOCK(vp, 0, td); + if (error) { + vn_close(vp, AUDIT_CLOSE_FLAGS, td->td_ucred, td); + VFS_UNLOCK_GIANT(vfslocked); + return (error); + } +#else VOP_UNLOCK(vp, 0, td); +#endif NDFREE(&nd, NDF_ONLY_PNBUF); if (vp->v_type != VREG) { vn_close(vp, AUDIT_CLOSE_FLAGS, td->td_ucred, td);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200705301350.l4UDoSrA087849>