Date: Thu, 8 Mar 2012 01:22:21 +0400
From: Cyrill Gorcunov
To: Andrew Morton
Cc: Michael Kerrisk, Kees Cook, Pavel Emelyanov, Tejun Heo, Oleg Nesterov, Paul Bolle, KOSAKI Motohiro, LKML
Subject: [PATCH -mm] prctl: Use CAP_SYS_RESOURCE for PR_SET_MM option
Message-ID: <20120307212221.GD6215@moon>

CAP_SYS_ADMIN is already overloaded left and right, so to have more fine-grained access control use CAP_SYS_RESOURCE here.

The CAP_SYS_RESOURCE is chosen because this prctl option allows a current process to adjust some fields of memory map descriptor which rather represents what the process owns: pointers to code, data, stack segments, command line, auxiliary vector data, etc.

Suggested-by: Michael Kerrisk
Acked-by: Kees Cook
Acked-by: Michael Kerrisk
CC: Andrew Morton
CC: Pavel Emelyanov
CC: Tejun Heo
CC: Oleg Nesterov
CC: Paul Bolle
CC: KOSAKI Motohiro
Signed-off-by: Cyrill Gorcunov
---
Typo is fixed.

kernel/sys.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

Index: linux-2.6.git/kernel/sys.c =================================================================== --- linux-2.6.git.orig/kernel/sys.c +++ linux-2.6.git/kernel/sys.c @@ -1712,7 +1712,7 @@ static int prctl_set_mm(int opt, unsigne if (arg5 || (arg4 && opt != PR_SET_MM_AUXV)) return -EINVAL; - if (!capable(CAP_SYS_ADMIN)) + if (!capable(CAP_SYS_RESOURCE)) return -EPERM; if (addr >= TASK_SIZE)
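
Review bot: the `capable(CAP_SYS_RESOURCE)` check in prctl_set_mm() replaces the CAP_SYS_ADMIN check instead of being accepted alongside it, so a caller that holds only CAP_SYS_ADMIN now gets -EPERM from PR_SET_MM. The commit message explains why CAP_SYS_RESOURCE is the better fit but does not say that the userspace-visible permission requirement changes; please state that explicitly so the prctl(2) documentation can be brought in line. A one-line comment above the check recording the rationale (these fields describe what the process itself owns) would also help keep the capability from drifting back to CAP_SYS_ADMIN later.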