As discussed briefly on the list (lore link below), we are a little
sloppy when it comes to using task credentials, mixing both the
subjective and object credentials. This patch set attempts to fix
this by replacing security_task_getsecid() with two new hooks that
return either the subjective (_subj) or objective (_obj) credentials.

https://lore.kernel.org/linux-security-module/806848326.0ifERbkFSE@x2/T/

Casey and John, I made a quick pass through the Smack and AppArmor
code in an effort to try and do the right thing, but I will admit
that I haven't tested those changes, just the SELinux code. I
would really appreciate your help in reviewing those changes. If
you find it easier, feel free to wholesale replace my Smack/AppArmor
patch with one of your own.

---

Paul Moore (4):
      lsm: separate security_task_getsecid() into subjective and objective variants
      selinux: clarify task subjective and objective credentials
      smack: differentiate between subjective and objective task credentials
      apparmor: differentiate between subjective and objective task credentials

 security/apparmor/domain.c       |  2 +-
 security/apparmor/include/cred.h | 19 +++++--
 security/apparmor/include/task.h |  3 +-
 security/apparmor/lsm.c          | 23 ++++++---
 security/apparmor/task.c         | 23 +++++++--
 security/selinux/hooks.c         | 85 ++++++++++++++++++--------------
 security/smack/smack.h           | 18 ++++++-
 security/smack/smack_lsm.c       | 40 ++++++++++-----
 8 files changed, 147 insertions(+), 66 deletions(-)