summaryrefslogtreecommitdiff
path: root/security/keys/proc.c
diff options
context:
space:
mode:
authorMichael LeMay <mdlemay@epoch.ncsc.mil>2006-06-26 11:24:56 +0400
committerLinus Torvalds <torvalds@g5.osdl.org>2006-06-26 20:58:18 +0400
commit06ec7be557a1259611d6093a00463c42650dc71a (patch)
treeb83cdbc8405e0a174939d36e4fe40fb8adb51071 /security/keys/proc.c
parente51f6d343789a4f0a2a7587ad7ec7746969d5c1c (diff)
downloadlinux-06ec7be557a1259611d6093a00463c42650dc71a.tar.xz
[PATCH] keys: restrict contents of /proc/keys to Viewable keys
Restrict /proc/keys such that only those keys to which the current task is granted View permission are presented. The documentation is also updated to reflect these changes. Signed-off-by: Michael LeMay <mdlemay@epoch.ncsc.mil> Signed-off-by: James Morris <jmorris@namei.org> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'security/keys/proc.c')
-rw-r--r--security/keys/proc.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/security/keys/proc.c b/security/keys/proc.c
index 12b750e51fbf..686a9ee0c5de 100644
--- a/security/keys/proc.c
+++ b/security/keys/proc.c
@@ -137,6 +137,13 @@ static int proc_keys_show(struct seq_file *m, void *v)
struct timespec now;
unsigned long timo;
char xbuf[12];
+ int rc;
+
+ /* check whether the current task is allowed to view the key (assuming
+ * non-possession) */
+ rc = key_task_permission(make_key_ref(key, 0), current, KEY_VIEW);
+ if (rc < 0)
+ return 0;
now = current_kernel_time();