diff options
author | Linus Torvalds <torvalds@g5.osdl.org> | 2006-07-14 19:51:34 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-07-14 19:51:34 -0400 |
commit | 18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3 (patch) | |
tree | b1a9c89bc546a71924ed7253f2f27afdeb82d297 /fs/proc | |
parent | ab6cf0d0cb96417ef65cc2c2120c0e879edf7a4a (diff) |
Fix nasty /proc vulnerability
We have a bad interaction with both the kernel and user space being able
to change some of the /proc file status. This fixes the most obvious
part of it, but I expect we'll also make it harder for users to modify
even their "own" files in /proc.
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'fs/proc')
-rw-r--r-- | fs/proc/base.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/proc/base.c b/fs/proc/base.c index 243a94af0427..0cb8f20d000c 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c | |||
@@ -1338,6 +1338,7 @@ static int pid_revalidate(struct dentry *dentry, struct nameidata *nd) | |||
1338 | } else { | 1338 | } else { |
1339 | inode->i_uid = 0; | 1339 | inode->i_uid = 0; |
1340 | inode->i_gid = 0; | 1340 | inode->i_gid = 0; |
1341 | inode->i_mode = 0; | ||
1341 | } | 1342 | } |
1342 | security_task_to_inode(task, inode); | 1343 | security_task_to_inode(task, inode); |
1343 | put_task_struct(task); | 1344 | put_task_struct(task); |