[PATCH 1/2] smack: fix bug: unprivileged task can create labels
Casey Schaufler
casey at schaufler-ca.com
Fri Mar 7 22:26:29 UTC 2025
On 3/7/2025 11:45 AM, Konstantin Andreev wrote:
> Casey Schaufler, 07 Mar 2025:
>> On 3/6/2025 2:43 PM, Konstantin Andreev wrote:
>>> - if (skp == &smack_known_web || skp == &smack_known_star)
>>> - return -EINVAL;
>>> + if (labelstr[1] == '\0' /* '@', '*' */) {
>>> + const char c = labelstr[0];
>>> +
>>> + if (c == *smack_known_web .smk_known ||
>>
>> No space before ".smk_known". I can fix this if/when I take the patch.
>>
>>> + c == *smack_known_star.smk_known) {
>>> + rc = -EPERM;
>>> + goto free_labelstr;
>>> + }
>>> + }
>
> This is to align two ".smk_known"s in two adjacent lines.
>
> I strive to make monotypic operations visually monotypic.
> This catches reader's eyes and lets him recognize the pattern faster.
>
> Of course, If this spacing violates the rules, it should be corrected.
Yes, the spacing violates the rules. I don't agree with all
the rules, but unnecessary whitespace isn't something I generally
approve of.
>
> --
> Konstantin Andreev
>
More information about the Linux-security-module-archive
mailing list