aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorOleg Nesterov <oleg@redhat.com>2009-04-06 10:16:02 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2009-04-06 17:57:23 -0400
commit432870dab85a2f69dc417022646cb9a70acf7f94 (patch)
tree4c9c08d7fb77744b1fd04615a76ab0a9105fad07
parent22ae77bc7ac115b9d518d5cbc13d39317079b2b0 (diff)
exit_notify: kill the wrong capable(CAP_KILL) check
The CAP_KILL check in exit_notify() looks just wrong, kill it. Whatever logic we have to reset ->exit_signal, the malicious user can bypass it if it execs the setuid application before exiting. Signed-off-by: Oleg Nesterov <oleg@redhat.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Acked-by: Roland McGrath <roland@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--kernel/exit.c3
1 files changed, 1 insertions, 2 deletions
diff --git a/kernel/exit.c b/kernel/exit.c
index 6686ed1e4aa3..32cbf2607cb0 100644
--- a/kernel/exit.c
+++ b/kernel/exit.c
@@ -837,8 +837,7 @@ static void exit_notify(struct task_struct *tsk, int group_dead)
837 */ 837 */
838 if (tsk->exit_signal != SIGCHLD && !task_detached(tsk) && 838 if (tsk->exit_signal != SIGCHLD && !task_detached(tsk) &&
839 (tsk->parent_exec_id != tsk->real_parent->self_exec_id || 839 (tsk->parent_exec_id != tsk->real_parent->self_exec_id ||
840 tsk->self_exec_id != tsk->parent_exec_id) && 840 tsk->self_exec_id != tsk->parent_exec_id))
841 !capable(CAP_KILL))
842 tsk->exit_signal = SIGCHLD; 841 tsk->exit_signal = SIGCHLD;
843 842
844 signal = tracehook_notify_death(tsk, &cookie, group_dead); 843 signal = tracehook_notify_death(tsk, &cookie, group_dead);