On Fri, 2017-01-27 at 18:49 -0800, Andy Lutomirski wrote:
> If an unprivileged program opens a setgid file for write and passes
> the fd to a privileged program and the privileged program writes to
> it, we currently fail to clear the setgid bit. Fix it by checking
> f_cred in addition to
On Fri, 2017-01-27 at 18:49 -0800, Andy Lutomirski wrote:
> If an unprivileged program opens a setgid file for write and passes
> the fd to a privileged program and the privileged program writes to
> it, we currently fail to clear the setgid bit. Fix it by checking
> f_cred in addition to
[CC += linux-api@]
On Sat, Jan 28, 2017 at 3:49 PM, Andy Lutomirski wrote:
> If an unprivileged program opens a setgid file for write and passes
> the fd to a privileged program and the privileged program writes to
> it, we currently fail to clear the setgid bit. Fix it by
[CC += linux-api@]
On Sat, Jan 28, 2017 at 3:49 PM, Andy Lutomirski wrote:
> If an unprivileged program opens a setgid file for write and passes
> the fd to a privileged program and the privileged program writes to
> it, we currently fail to clear the setgid bit. Fix it by checking
> f_cred in
If an unprivileged program opens a setgid file for write and passes
the fd to a privileged program and the privileged program writes to
it, we currently fail to clear the setgid bit. Fix it by checking
f_cred in addition to current's creds whenever a struct file is
involved.
I'm checking both
If an unprivileged program opens a setgid file for write and passes
the fd to a privileged program and the privileged program writes to
it, we currently fail to clear the setgid bit. Fix it by checking
f_cred in addition to current's creds whenever a struct file is
involved.
I'm checking both
6 matches
Mail list logo