LSM: Add security_path_chroot().
[linux-2.6.git] / fs / open.c
index b5c294d..201041d 100644 (file)
--- a/fs/open.c
+++ b/fs/open.c
@@ -587,6 +587,9 @@ SYSCALL_DEFINE1(chroot, const char __user *, filename)
        error = -EPERM;
        if (!capable(CAP_SYS_CHROOT))
                goto dput_and_out;
+       error = security_path_chroot(&path);
+       if (error)
+               goto dput_and_out;
 
        set_fs_root(current->fs, &path);
        error = 0;