1
Index: b/security/apparmor/main.c
2
===================================================================
3
--- a/security/apparmor/main.c
4
+++ b/security/apparmor/main.c
5
@@ -120,11 +120,12 @@ static int aa_link_denied(struct aa_prof
7
* - if we have permission to rename, or
8
* - if we are only allowed to link and to read the target,
9
- * but not to write to the link.
10
+ * but not to write to the link, and also only if the link
11
+ * won't add any form of execute access.
13
if (((l_mode & MAY_WRITE) &&
14
(t_mode & (MAY_READ | MAY_WRITE) == (MAY_READ | MAY_WRITE))) ||
15
- ((l_mode & (MAY_WRITE | AA_MAY_LINK) == AA_MAY_LINK) &&
16
+ ((l_mode & (MAY_WRITE | MAY_EXEC | AA_MAY_LINK) == AA_MAY_LINK) &&