You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
relabel self
About this tag
The relabel-self tag on WindowsForum.com covers discussions about the Smack Linux Security Module's relabel-self whitelist, which controls whether unprivileged processes can assign new Smack labels to themselves. A recent thread details CVE-2025-68733, a vulnerability caused by a logic ordering bug in Smack's label import code. The fix reorders checks so that label validation against the relabel-self whitelist occurs before the kernel imports the provided label, closing an elevation-of-capability window. This tag is relevant for Linux security administrators and developers working with Smack LSM configurations, particularly those managing unprivileged relabeling policies.
A logic ordering bug in the Smack Linux Security Module (LSM) has been assigned CVE-2025-68733 after maintainers corrected a code path that allowed unprivileged processes — under specific Smack configurations — to create new Smack labels by writing names into their own process attribute files...