SAFE public projects git trees. - safe/jmp/linux-2.6/commit

author	Casey Schaufler <casey@schaufler-ca.com>
	Wed, 30 Jul 2008 22:37:11 +0000 (15:37 -0700)
committer	James Morris <jmorris@namei.org>
	Tue, 5 Aug 2008 00:55:53 +0000 (10:55 +1000)
commit	15446235367fa4a621ff5abfa4b6ebbe25b33763
tree	bc6823055afbef26560c63f8041caeadd4cef078	tree \| snapshot
parent	cf9481e289247fe9cf40f2e2481220d899132049	commit \| diff

smack: limit privilege by label

There have been a number of requests to make the Smack LSM
enforce MAC even in the face of privilege, either capability
based or superuser based. This is not universally desired,
however, so it seems desirable to make it optional. Further,
at least one legacy OS implemented a scheme whereby only
processes running with one particular label could be exempt
from MAC. This patch supports these three cases.

If /smack/onlycap is empty (unset or null-string) privilege
is enforced in the normal way.

If /smack/onlycap contains a label only processes running with
that label may be MAC exempt.

If the label in /smack/onlycap is the star label ("*") the
semantics of the star label combine with the privilege
restrictions to prevent any violations of MAC, even in the
presence of privilege.

Again, this will be independent of the privilege scheme.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Reviewed-by: James Morris <jmorris@namei.org>

security/smack/smack.h		diff \| blob \| history
security/smack/smack_access.c		diff \| blob \| history
security/smack/smackfs.c		diff \| blob \| history