diff options
author | Eric Paris <eparis@redhat.com> | 2009-05-12 15:13:55 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-05-15 09:55:41 +1000 |
commit | f850a7c040d9faafb41bceb0a05d6bb7432c8c7a (patch) | |
tree | e4e1fa97be0bd3e749f993b99d18746c8a9737ba /security/integrity/ima/ima_fs.c | |
parent | b103387037cea2ba0f04b44d408d54c53f678061 (diff) |
IMA: remove read permissions on the ima policy file
The IMA policy file does not implement read. Trying to just open/read/close
the file will load a blank policy and you cannot then change the policy
without a reboot. This removes the read permission from the file so one must
at least be attempting to write...
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/integrity/ima/ima_fs.c')
-rw-r--r-- | security/integrity/ima/ima_fs.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c index ffbe259700b..3305a961586 100644 --- a/security/integrity/ima/ima_fs.c +++ b/security/integrity/ima/ima_fs.c @@ -15,6 +15,7 @@ * implemenents security file system for reporting * current measurement list and IMA statistics */ +#include <linux/fcntl.h> #include <linux/module.h> #include <linux/seq_file.h> #include <linux/rculist.h> @@ -283,6 +284,9 @@ static atomic_t policy_opencount = ATOMIC_INIT(1); */ int ima_open_policy(struct inode * inode, struct file * filp) { + /* No point in being allowed to open it if you aren't going to write */ + if (!(filp->f_flags & O_WRONLY)) + return -EACCES; if (atomic_dec_and_test(&policy_opencount)) return 0; return -EBUSY; @@ -349,7 +353,7 @@ int ima_fs_init(void) goto out; ima_policy = securityfs_create_file("policy", - S_IRUSR | S_IRGRP | S_IWUSR, + S_IWUSR, ima_dir, NULL, &ima_measure_policy_ops); if (IS_ERR(ima_policy)) |