Merge to Fedora Core 2 kernel-2.6.8-1.521

[linux-2.6.git] / security / selinux / hooks.c

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 72cd0e5..52fa3cf 100644 (file)
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -63,6 +63,7 @@
 #include <net/ipv6.h>
 #include <linux/hugetlb.h>
 #include <linux/major.h>
+#include <linux/personality.h>
 
 #include "avc.h"
 #include "objsec.h"
@@ -1684,6 +1685,9 @@ static int selinux_bprm_set_security(struct linux_binprm *bprm)
                if (rc)
                        return rc;
 
+               /* Clear any possibly unsafe personality bits on exec: */
+               current->personality &= ~PER_CLEAR_ON_SETID;
+
                /* Set the security field to the new SID. */
                bsec->sid = newsid;
        }