From: Michael Halcrow <mhalcrow@us.ibm.com>
To: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Cc: Andrew Morton <akpm@osdl.org>, Michael Halcrow <mhalcrow@us.ibm.com>
Subject: [PATCH] BSD Secure Levels: suid/sgid on directories; open/mknod issue, 2.6.11-rc2-mm1 (2/8)
Date: Mon, 7 Feb 2005 13:30:17 -0600 [thread overview]
Message-ID: <20050207193016.GA834@halcrow.us> (raw)
In-Reply-To: <20050207192108.GA776@halcrow.us>
[-- Attachment #1: Type: text/plain, Size: 301 bytes --]
This is the second in a series of eight patches to the BSD Secure
Levels LSM. It allows setuid and setgid on directories. It also
disallows the creation of setuid/setgid executables via open or mknod.
Thanks to Brad Spengler for the suggestion.
Signed off by: Michael Halcrow <mhalcrow@us.ibm.com>
[-- Attachment #2: seclvl_suid_and_guid.patch --]
[-- Type: text/plain, Size: 2028 bytes --]
Index: linux-2.6.11-rc2-mm1-modules/security/seclvl.c
===================================================================
--- linux-2.6.11-rc2-mm1-modules.orig/security/seclvl.c 2005-02-03 15:14:54.907684456 -0600
+++ linux-2.6.11-rc2-mm1-modules/security/seclvl.c 2005-02-03 15:36:43.925683472 -0600
@@ -552,7 +552,11 @@
static int seclvl_inode_setattr(struct dentry *dentry, struct iattr *iattr)
{
if (seclvl > 0) {
- if (iattr->ia_valid & ATTR_MODE)
+ if (dentry && dentry->d_inode
+ && S_ISDIR(dentry->d_inode->i_mode)) {
+ return 0;
+ }
+ if (iattr && iattr->ia_valid & ATTR_MODE)
if (iattr->ia_mode & S_ISUID ||
iattr->ia_mode & S_ISGID) {
seclvl_printk(1, KERN_WARNING "%s: Attempt to "
@@ -565,6 +569,36 @@
return 0;
}
+/**
+ * Prevent an end-run around the inode_setattr control.
+ */
+static int seclvl_inode_mknod (struct inode * inode, struct dentry * dentry,
+ int mode, dev_t dev)
+{
+ if (seclvl > 0 && (mode & 02000 || mode & 04000)) {
+ seclvl_printk(1, KERN_WARNING "%s: Attempt to mknod with suid "
+ "or guid bit set in seclvl [%d]\n", __FUNCTION__,
+ seclvl );
+ return -EPERM;
+ }
+ return 0;
+}
+
+/**
+ * Prevent an end-run around the inode_setattr control.
+ */
+static int
+seclvl_inode_create (struct inode * inode, struct dentry * dentry, int mask)
+{
+ if (seclvl > 0 && (mask & 02000 || mask & 04000)) {
+ seclvl_printk(1, KERN_WARNING "%s: Attempt to "
+ "create inode with suid or guid bit set in "
+ "seclvl [%d]\n", __FUNCTION__, seclvl );
+ return -EPERM;
+ }
+ return 0;
+}
+
/* release busied block devices */
static void seclvl_file_free_security(struct file *filp)
{
@@ -598,6 +632,8 @@
.capable = seclvl_capable,
.inode_permission = seclvl_inode_permission,
.inode_setattr = seclvl_inode_setattr,
+ .inode_mknod = seclvl_inode_mknod,
+ .inode_create = seclvl_inode_create,
.file_free_security = seclvl_file_free_security,
.settime = seclvl_settime,
.sb_umount = seclvl_umount,
next prev parent reply other threads:[~2005-02-07 19:37 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-02-07 19:21 [PATCH] BSD Secure Levels: printk overhaul, 2.6.11-rc2-mm1 (1/8) Michael Halcrow
2005-02-07 19:30 ` Michael Halcrow [this message]
2005-02-07 19:31 ` [PATCH] BSD Secure Levels: claim block dev in file struct rather than inode struct, 2.6.11-rc2-mm1 (3/8) Michael Halcrow
2005-02-07 22:26 ` Chris Wright
2005-02-07 22:41 ` Valdis.Kletnieks
2005-02-08 1:48 ` David Wagner
2005-02-08 2:10 ` Valdis.Kletnieks
2005-02-08 2:20 ` Chris Wright
2005-02-08 3:15 ` Valdis.Kletnieks
2005-02-08 14:33 ` David Wagner
2005-02-07 22:42 ` Valdis.Kletnieks
2005-02-08 17:24 ` Michael Halcrow
2005-02-08 17:47 ` Valdis.Kletnieks
2005-02-08 20:08 ` Serge E. Hallyn
2005-02-08 23:38 ` Chris Wright
2005-02-07 19:32 ` [PATCH] BSD Secure Levels: memory alloc failure check, 2.6.11-rc2-mm1 (4/8) Michael Halcrow
2005-02-07 19:34 ` [PATCH] BSD Secure Levels: allow setuid/setgid on process if root, 2.6.11-rc2-mm1 (5/8) Michael Halcrow
2005-02-07 19:35 ` [PATCH] BSD Secure Levels: nits, 2.6.11-rc2-mm1 (6/8) Michael Halcrow
2005-02-08 23:43 ` Chris Wright
2005-02-07 19:36 ` [PATCH] BSD Secure Levels: comment cleanups, 2.6.11-rc2-mm1 (7/8) Michael Halcrow
2005-02-07 19:37 ` [PATCH] BSD Secure Levels: remove ptrace, 2.6.11-rc2-mm1 (8/8) Michael Halcrow
2005-02-10 21:59 ` [PATCH] BSD Secure Levels: printk overhaul, 2.6.11-rc2-mm1 (1/8) Matt Mackall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050207193016.GA834@halcrow.us \
--to=mhalcrow@us.ibm.com \
--cc=akpm@osdl.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox