From: Greg KH <gregkh@suse.de>
To: linux-kernel@vger.kernel.org, stable@kernel.org
Cc: Justin Forbes <jmforbes@linuxtx.org>,
Zwane Mwaikambo <zwane@arm.linux.org.uk>,
"Theodore Ts'o" <tytso@mit.edu>,
Randy Dunlap <rdunlap@xenotime.net>,
Dave Jones <davej@redhat.com>,
Chuck Wolber <chuckw@quantumlinux.com>,
Chris Wedgwood <reviews@ml.cw.f00f.org>,
Michael Krufky <mkrufky@linuxtv.org>,
Chuck Ebbert <cebbert@redhat.com>,
Domenico Andreoli <cavokz@gmail.com>, Willy Tarreau <w@1wt.eu>,
Rodrigo Rubira Branco <rbranco@la.checkpoint.com>,
Jake Edge <jake@lwn.net>, Eugene Teo <eteo@redhat.com>,
torvalds@linux-foundation.org, akpm@linux-foundation.org,
alan@lxorguk.ukuu.org.uk, Serge Hallyn <serue@us.ibm.com>,
David Howells <dhowells@redhat.com>,
"Andrew G. Morgan" <morgan@kernel.org>
Subject: [patch 06/16] file caps: always start with clear bprm->caps_*
Date: Fri, 7 Nov 2008 15:26:10 -0800 [thread overview]
Message-ID: <20081107232610.GG4282@kroah.com> (raw)
In-Reply-To: <20081107232544.GA4282@kroah.com>
[-- Attachment #1: file-caps-always-start-with-clear-bprm-caps_.patch --]
[-- Type: text/plain, Size: 1401 bytes --]
2.6.25-stable review patch. If anyone has any objections, please let us know.
------------------
From: Serge Hallyn <serue@us.ibm.com>
commit 3318a386e4ca68c76e0294363d29bdc46fcad670 upstream
While Linux doesn't honor setuid on scripts. However, it mistakenly
behaves differently for file capabilities.
This patch fixes that behavior by making sure that get_file_caps()
begins with empty bprm->caps_*. That way when a script is loaded,
its bprm->caps_* may be filled when binfmt_misc calls prepare_binprm(),
but they will be cleared again when binfmt_elf calls prepare_binprm()
next to read the interpreter's file capabilities.
Signed-off-by: Serge Hallyn <serue@us.ibm.com>
Acked-by: David Howells <dhowells@redhat.com>
Acked-by: Andrew G. Morgan <morgan@kernel.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
security/commoncap.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -244,10 +244,10 @@ static int get_file_caps(struct linux_bi
struct vfs_cap_data vcaps;
struct inode *inode;
- if (bprm->file->f_vfsmnt->mnt_flags & MNT_NOSUID) {
- bprm_clear_caps(bprm);
+ bprm_clear_caps(bprm);
+
+ if (bprm->file->f_vfsmnt->mnt_flags & MNT_NOSUID)
return 0;
- }
dentry = dget(bprm->file->f_dentry);
inode = dentry->d_inode;
--
next prev parent reply other threads:[~2008-11-07 23:33 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20081107231848.995297975@mini.kroah.org>
2008-11-07 23:25 ` [patch 00/16] 2.6.25.20-stable review Greg KH
2008-11-07 23:25 ` [patch 01/16] gpiolib: fix oops in gpio_get_value_cansleep() Greg KH
2008-11-07 23:26 ` [patch 02/16] ext: Avoid printk floods in the face of directory corruption (CVE-2008-3528) Greg KH
2008-11-10 2:57 ` Eugene Teo
2008-11-07 23:26 ` [patch 03/16] edac cell: fix incorrect edac_mode Greg KH
2008-11-07 23:26 ` [patch 04/16] net: Fix recursive descent in __scm_destroy() Greg KH
2008-11-07 23:26 ` [patch 05/16] libertas: fix buffer overrun Greg KH
2008-11-07 23:26 ` Greg KH [this message]
2008-11-07 23:26 ` [patch 07/16] ALSA: use correct lock in snd_ctl_dev_disconnect() Greg KH
2008-11-07 23:26 ` [patch 08/16] ACPI: dock: avoid check _STA method Greg KH
2008-11-07 23:26 ` [patch 09/16] tcpv6: fix option space offsets with md5 Greg KH
2008-11-07 23:26 ` [patch 10/16] net: Fix netdev_run_todo dead-lock Greg KH
2008-11-07 23:26 ` [patch 11/16] sparc64: Fix race in arch/sparc64/kernel/trampoline.S Greg KH
2008-11-07 23:26 ` [patch 12/16] math-emu: Fix signalling of underflow and inexact while packing result Greg KH
2008-11-07 23:26 ` [patch 13/16] ACPI: video: fix brightness allocation Greg KH
2008-11-07 23:26 ` [patch 14/16] netfilter: xt_iprange: fix range inversion match Greg KH
2008-11-07 23:26 ` [patch 15/16] netfilter: snmp nat leaks memory in case of failure Greg KH
2008-11-07 23:26 ` Greg KH
2008-11-07 23:26 ` [patch 16/16] netfilter: restore lost ifdef guarding defrag exception Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20081107232610.GG4282@kroah.com \
--to=gregkh@suse.de \
--cc=akpm@linux-foundation.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=cavokz@gmail.com \
--cc=cebbert@redhat.com \
--cc=chuckw@quantumlinux.com \
--cc=davej@redhat.com \
--cc=dhowells@redhat.com \
--cc=eteo@redhat.com \
--cc=jake@lwn.net \
--cc=jmforbes@linuxtx.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mkrufky@linuxtv.org \
--cc=morgan@kernel.org \
--cc=rbranco@la.checkpoint.com \
--cc=rdunlap@xenotime.net \
--cc=reviews@ml.cw.f00f.org \
--cc=serue@us.ibm.com \
--cc=stable@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
--cc=w@1wt.eu \
--cc=zwane@arm.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.