https://git.rsbac.org/cgi-bin/gitweb.cgi?p=linux-5.15.y.git;a=summary

RSBAC for Linux 5.15 (Long Term)

Current version: 5.15.40

commit eebcaa81b7dc599a575a5c743fa2b8fb34997e12 Author: Amon Ott ao@rsbac.org Date: Fri Mar 25 10:58:33 2022 +0100

Threat value RC_role_use_force_role specially when assigning initial/force role. Files and dirs can have the special RC initial role value RC_role_use_force_role, which refers to the force role setting. When assigning a new initial role, we check whether old and new initial role value are in the current role's set of assign roles. We must use the force role value for that check in this case. If no force role value has been set explicitely, we inherit the root dir default value. In this special case we allow access without that default value in the assign roles set of the current role to avoid a hen-and-egg problem.

rsbac/adf/rc/rc_main.c | 75 ++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 69 insertions(+), 6 deletions(-)