[PATCH 1/2] smack: fix bug: unprivileged task can create labels
Konstantin Andreev
andreev at swemel.ru
Fri Mar 7 19:45:42 UTC 2025
Casey Schaufler, 07 Mar 2025:
> On 3/6/2025 2:43 PM, Konstantin Andreev wrote:
>> - if (skp == &smack_known_web || skp == &smack_known_star)
>> - return -EINVAL;
>> + if (labelstr[1] == '\0' /* '@', '*' */) {
>> + const char c = labelstr[0];
>> +
>> + if (c == *smack_known_web .smk_known ||
>
> No space before ".smk_known". I can fix this if/when I take the patch.
>
>> + c == *smack_known_star.smk_known) {
>> + rc = -EPERM;
>> + goto free_labelstr;
>> + }
>> + }
This is to align two ".smk_known"s in two adjacent lines.
I strive to make monotypic operations visually monotypic.
This catches reader's eyes and lets him recognize the pattern faster.
Of course, If this spacing violates the rules, it should be corrected.
--
Konstantin Andreev
More information about the Linux-security-module-archive
mailing list