From 8ba8e0fbe6321961f6ba04e2fd7215b37d935c83 Mon Sep 17 00:00:00 2001 From: Darrel Goeddel Date: Wed, 24 May 2006 09:38:25 -0500 Subject: [PATCH] fix se_sen audit filter Fix a broken comparison that causes the process clearance to be checked for both se_clr and se_sen audit filters. Signed-off-by: Darrel Goeddel Signed-off-by: Al Viro --- security/selinux/ss/services.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index c284dbb8b8c..e9548bc049e 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -1980,7 +1980,7 @@ int selinux_audit_rule_match(u32 ctxid, u32 field, u32 op, break; case AUDIT_SE_SEN: case AUDIT_SE_CLR: - level = (op == AUDIT_SE_SEN ? + level = (field == AUDIT_SE_SEN ? &ctxt->range.level[0] : &ctxt->range.level[1]); switch (op) { case AUDIT_EQUAL: -- cgit v1.2.3