On 4/27/2011 5:34 AM, Roberto Sassu wrote: > The SMACK label of new file descriptors is obtained from the credentials > set in the 'f_cred' field of the same structure. > > Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxx> > --- > security/smack/smack_lsm.c | 2 +- > 1 files changed, 1 insertions(+), 1 deletions(-) > > diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c > index c6f8fca..e3c9e54 100644 > --- a/security/smack/smack_lsm.c > +++ b/security/smack/smack_lsm.c > @@ -1011,7 +1011,7 @@ static int smack_file_permission(struct file *file, int mask) > */ > static int smack_file_alloc_security(struct file *file) > { > - file->f_security = smk_of_current(); > + file->f_security = smk_of_task(file->f_cred->security); Now hang on. This just looks wrong. You're setting the value of one field of the file structure to another value in the same file structure. I don't see that this is what I want. > return 0; > } > -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.