diff options
Diffstat (limited to 'security/commoncap.c')
| -rw-r--r-- | security/commoncap.c | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/security/commoncap.c b/security/commoncap.c index 0cf4b53480a7..edd3918fac02 100644 --- a/security/commoncap.c +++ b/security/commoncap.c | |||
| @@ -506,14 +506,17 @@ int cap_bprm_set_creds(struct linux_binprm *bprm) | |||
| 506 | skip: | 506 | skip: |
| 507 | 507 | ||
| 508 | /* Don't let someone trace a set[ug]id/setpcap binary with the revised | 508 | /* Don't let someone trace a set[ug]id/setpcap binary with the revised |
| 509 | * credentials unless they have the appropriate permit | 509 | * credentials unless they have the appropriate permit. |
| 510 | * | ||
| 511 | * In addition, if NO_NEW_PRIVS, then ensure we get no new privs. | ||
| 510 | */ | 512 | */ |
| 511 | if ((new->euid != old->uid || | 513 | if ((new->euid != old->uid || |
| 512 | new->egid != old->gid || | 514 | new->egid != old->gid || |
| 513 | !cap_issubset(new->cap_permitted, old->cap_permitted)) && | 515 | !cap_issubset(new->cap_permitted, old->cap_permitted)) && |
| 514 | bprm->unsafe & ~LSM_UNSAFE_PTRACE_CAP) { | 516 | bprm->unsafe & ~LSM_UNSAFE_PTRACE_CAP) { |
| 515 | /* downgrade; they get no more than they had, and maybe less */ | 517 | /* downgrade; they get no more than they had, and maybe less */ |
| 516 | if (!capable(CAP_SETUID)) { | 518 | if (!capable(CAP_SETUID) || |
| 519 | (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS)) { | ||
| 517 | new->euid = new->uid; | 520 | new->euid = new->uid; |
| 518 | new->egid = new->gid; | 521 | new->egid = new->gid; |
| 519 | } | 522 | } |