aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2008-11-13 18:39:14 -0500
committerJames Morris <jmorris@namei.org>2008-11-13 18:39:14 -0500
commit1cdcbec1a3372c0c49c59d292e708fd07b509f18 (patch)
treed1bd302c8d66862da45b494cbc766fb4caa5e23e /fs
parent8bbf4976b59fc9fc2861e79cab7beb3f6d647640 (diff)
CRED: Neuter sys_capset()
Take away the ability for sys_capset() to affect processes other than current. This means that current will not need to lock its own credentials when reading them against interference by other processes. This has effectively been the case for a while anyway, since: (1) Without LSM enabled, sys_capset() is disallowed. (2) With file-based capabilities, sys_capset() is neutered. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Acked-by: Andrew G. Morgan <morgan@kernel.org> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'fs')
-rw-r--r--fs/open.c12
1 files changed, 1 insertions, 11 deletions
diff --git a/fs/open.c b/fs/open.c
index 83cdb9dee0c1..500cc0c54762 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -441,17 +441,7 @@ asmlinkage long sys_faccessat(int dfd, const char __user *filename, int mode)
441 current->fsgid = current->gid; 441 current->fsgid = current->gid;
442 442
443 if (!issecure(SECURE_NO_SETUID_FIXUP)) { 443 if (!issecure(SECURE_NO_SETUID_FIXUP)) {
444 /* 444 /* Clear the capabilities if we switch to a non-root user */
445 * Clear the capabilities if we switch to a non-root user
446 */
447#ifndef CONFIG_SECURITY_FILE_CAPABILITIES
448 /*
449 * FIXME: There is a race here against sys_capset. The
450 * capabilities can change yet we will restore the old
451 * value below. We should hold task_capabilities_lock,
452 * but we cannot because user_path_at can sleep.
453 */
454#endif /* ndef CONFIG_SECURITY_FILE_CAPABILITIES */
455 if (current->uid) 445 if (current->uid)
456 old_cap = cap_set_effective(__cap_empty_set); 446 old_cap = cap_set_effective(__cap_empty_set);
457 else 447 else