Set the LOOKUP_CONTINUE flag when checking parent permissions. This allows permission functions to tell between parent and leaf checks.
Signed-off-by: Andreas Gruenbacher <[EMAIL PROTECTED]> Signed-off-by: John Johansen <[EMAIL PROTECTED]> --- fs/namei.c | 6 ++++++ 1 file changed, 6 insertions(+) --- a/fs/namei.c +++ b/fs/namei.c @@ -1409,6 +1409,10 @@ static int may_delete(struct inode *dir, BUG_ON(victim->d_parent->d_inode != dir); audit_inode_child(victim->d_name.name, victim->d_inode, dir); +#if 0 + if (nd) + nd->flags |= LOOKUP_CONTINUE; +#endif error = permission(dir,MAY_WRITE | MAY_EXEC, NULL); if (error) return error; @@ -1446,6 +1450,8 @@ static inline int may_create(struct inod return -EEXIST; if (IS_DEADDIR(dir)) return -ENOENT; + if (nd) + nd->flags |= LOOKUP_CONTINUE; return permission(dir,MAY_WRITE | MAY_EXEC, nd); } -- - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html