aboutsummaryrefslogtreecommitdiff
path: root/trusted_module.c
diff options
context:
space:
mode:
Diffstat (limited to 'trusted_module.c')
-rw-r--r--trusted_module.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/trusted_module.c b/trusted_module.c
index 9e310b3..712e7a8 100644
--- a/trusted_module.c
+++ b/trusted_module.c
@@ -653,6 +653,12 @@ struct tm_cert tm_request(struct trusted_module *tm,
}
else if(req->type == ACL_UPDATE)
{
+ if(access < 3)
+ {
+ tm_seterror("user has insufficient permissions");
+ return cert_null;
+ }
+
/* We just need a new FR certificate with the new ACL. */
struct tm_cert cert = cert_null;
cert.type = FR;