Function report |
Source Code:security\safesetid\lsm.c |
Create Date:2022-07-28 19:55:29 |
| Last Modify:2020-03-12 14:18:49 | Copyright©Brick |
| home page | Tree |
| Annotation kernel can get tool activity | Download SCCT | Chinese |
Name:Check whether a caller with old credentials @old is allowed to switch to* credentials that contain @new_uid.
Proto:static bool uid_permitted_for_cred(const struct cred *old, kuid_t new_uid)
Type:bool
Parameter:
| Type | Parameter | Name |
|---|---|---|
| const struct cred * | old | |
| kuid_t | new_uid |
| 105 | If uid_eq(new_uid, real UID of the task ) || uid_eq(new_uid, effective UID of the task ) || uid_eq(new_uid, saved UID of the task ) Then Return true |
| 113 | permitted = Compute a decision for a transition from @src to @dst under the active* policy. != source ID is affected by policy |
| 115 | If Not permitted Then |
| 116 | pr_warn("UID transition ((%d,%d,%d) -> %d) blocked\n", __kuid_val( real UID of the task ), __kuid_val( effective UID of the task ), __kuid_val( saved UID of the task ), __kuid_val(new_uid)) |
| 120 | Return permitted |
| Name | Describe |
|---|---|
| safesetid_task_fix_setuid | Check whether there is either an exception for user under old cred struct to* set*uid to user under new cred struct, or the UID transition is allowed (by* Linux set*uid rules) even without CAP_SETUID. |
| Source code conversion tool public plug-in interface | X |
|---|---|
| Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion |