From 0617c7ff34dc9b1d641640c3953274bb2dbe21a6 Mon Sep 17 00:00:00 2001 From: Tetsuo Handa Date: Mon, 21 Jun 2010 09:58:53 +0900 Subject: TOMOYO: Remove alias keyword. Some programs behave differently depending on argv[0] passed to execve(). TOMOYO has "alias" keyword in order to allow administrators to define different domains if requested pathname passed to execve() is a symlink. But "alias" keyword is incomplete because this keyword assumes that requested pathname and argv[0] are identical. Thus, remove "alias" keyword (by this patch) and add syntax for checking argv[0] (by future patches). Signed-off-by: Tetsuo Handa Signed-off-by: James Morris --- security/tomoyo/common.c | 12 ------------ 1 file changed, 12 deletions(-) (limited to 'security/tomoyo/common.c') diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c index 183fe65..0e6b1b5 100644 --- a/security/tomoyo/common.c +++ b/security/tomoyo/common.c @@ -1177,8 +1177,6 @@ static int tomoyo_write_exception_policy(struct tomoyo_io_buffer *head) is_delete); if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_AGGREGATOR)) return tomoyo_write_aggregator_policy(data, is_delete); - if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_ALIAS)) - return tomoyo_write_alias_policy(data, is_delete); if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_ALLOW_READ)) return tomoyo_write_globally_readable_policy(data, is_delete); if (tomoyo_str_starts(&data, TOMOYO_KEYWORD_FILE_PATTERN)) @@ -1334,16 +1332,6 @@ static bool tomoyo_read_policy(struct tomoyo_io_buffer *head, const int idx) w[1] = ptr->filename->name; } break; - case TOMOYO_ID_ALIAS: - { - struct tomoyo_alias_entry *ptr = - container_of(acl, typeof(*ptr), head); - w[0] = TOMOYO_KEYWORD_ALIAS; - w[1] = ptr->original_name->name; - w[2] = " "; - w[3] = ptr->aliased_name->name; - } - break; case TOMOYO_ID_AGGREGATOR: { struct tomoyo_aggregator_entry *ptr = -- cgit v1.1