Re: [PATCH 2/3] coredump: remove suidsafe mode related dead code
On Tue, 31 Jul 2007 15:04:58 +0800 Eugene Teo <[EMAIL PROTECTED]> wrote: > This patch removes suidsafe core dump mode related dead code. > > Signed-off-by: Eugene Teo <[EMAIL PROTECTED]> NAK: This feature is used by end users and people debugging complex system problems. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[PATCH 2/3] coredump: remove suidsafe mode related dead code
This patch removes suidsafe core dump mode related dead code.
Signed-off-by: Eugene Teo <[EMAIL PROTECTED]>
---
fs/exec.c | 16 +---
include/linux/binfmts.h |3 ---
2 files changed, 1 insertions(+), 18 deletions(-)
diff --git a/fs/exec.c b/fs/exec.c
index 7bdea79..60b4080 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1723,8 +1723,6 @@ int do_coredump(long signr, int exit_code, struct pt_regs
* regs)
struct inode * inode;
struct file * file;
int retval = 0;
- int fsuid = current->fsuid;
- int flag = 0;
int ispipe = 0;
audit_core_dumps(signr);
@@ -1737,16 +1735,6 @@ int do_coredump(long signr, int exit_code, struct
pt_regs * regs)
up_write(>mmap_sem);
goto fail;
}
-
- /*
-* We cannot trust fsuid as being the "true" uid of the
-* process nor do we know its entire history. We only know it
-* was tainted so we dump it as root in mode 2.
-*/
- if (get_dumpable(mm) == 2) {/* Setuid core dump mode */
- flag = O_EXCL; /* Stop rewrite attacks */
- current->fsuid = 0; /* Dump root private */
- }
set_dumpable(mm, 0);
retval = coredump_wait(exit_code);
@@ -1778,8 +1766,7 @@ int do_coredump(long signr, int exit_code, struct pt_regs
* regs)
}
} else
file = filp_open(corename,
-O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE | flag,
-0600);
+O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE, 0600);
if (IS_ERR(file))
goto fail_unlock;
inode = file->f_path.dentry->d_inode;
@@ -1806,7 +1793,6 @@ int do_coredump(long signr, int exit_code, struct pt_regs
* regs)
close_fail:
filp_close(file, NULL);
fail_unlock:
- current->fsuid = fsuid;
complete_all(>core_done);
fail:
return retval;
diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h
index 91c8c07..ca75ee4 100644
--- a/include/linux/binfmts.h
+++ b/include/linux/binfmts.h
@@ -81,9 +81,6 @@ extern int search_binary_handler(struct linux_binprm *,struct
pt_regs *);
extern int flush_old_exec(struct linux_binprm * bprm);
extern int suid_dumpable;
-#define SUID_DUMP_DISABLE 0 /* No setuid dumping */
-#define SUID_DUMP_USER 1 /* Dump as user of process */
-#define SUID_DUMP_ROOT 2 /* Dump as root */
/* Stack area protections */
#define EXSTACK_DEFAULT 0/* Whatever the arch defaults to */
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[PATCH 2/3] coredump: remove suidsafe mode related dead code
This patch removes suidsafe core dump mode related dead code.
Signed-off-by: Eugene Teo [EMAIL PROTECTED]
---
fs/exec.c | 16 +---
include/linux/binfmts.h |3 ---
2 files changed, 1 insertions(+), 18 deletions(-)
diff --git a/fs/exec.c b/fs/exec.c
index 7bdea79..60b4080 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1723,8 +1723,6 @@ int do_coredump(long signr, int exit_code, struct pt_regs
* regs)
struct inode * inode;
struct file * file;
int retval = 0;
- int fsuid = current-fsuid;
- int flag = 0;
int ispipe = 0;
audit_core_dumps(signr);
@@ -1737,16 +1735,6 @@ int do_coredump(long signr, int exit_code, struct
pt_regs * regs)
up_write(mm-mmap_sem);
goto fail;
}
-
- /*
-* We cannot trust fsuid as being the true uid of the
-* process nor do we know its entire history. We only know it
-* was tainted so we dump it as root in mode 2.
-*/
- if (get_dumpable(mm) == 2) {/* Setuid core dump mode */
- flag = O_EXCL; /* Stop rewrite attacks */
- current-fsuid = 0; /* Dump root private */
- }
set_dumpable(mm, 0);
retval = coredump_wait(exit_code);
@@ -1778,8 +1766,7 @@ int do_coredump(long signr, int exit_code, struct pt_regs
* regs)
}
} else
file = filp_open(corename,
-O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE | flag,
-0600);
+O_CREAT | 2 | O_NOFOLLOW | O_LARGEFILE, 0600);
if (IS_ERR(file))
goto fail_unlock;
inode = file-f_path.dentry-d_inode;
@@ -1806,7 +1793,6 @@ int do_coredump(long signr, int exit_code, struct pt_regs
* regs)
close_fail:
filp_close(file, NULL);
fail_unlock:
- current-fsuid = fsuid;
complete_all(mm-core_done);
fail:
return retval;
diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h
index 91c8c07..ca75ee4 100644
--- a/include/linux/binfmts.h
+++ b/include/linux/binfmts.h
@@ -81,9 +81,6 @@ extern int search_binary_handler(struct linux_binprm *,struct
pt_regs *);
extern int flush_old_exec(struct linux_binprm * bprm);
extern int suid_dumpable;
-#define SUID_DUMP_DISABLE 0 /* No setuid dumping */
-#define SUID_DUMP_USER 1 /* Dump as user of process */
-#define SUID_DUMP_ROOT 2 /* Dump as root */
/* Stack area protections */
#define EXSTACK_DEFAULT 0/* Whatever the arch defaults to */
-
To unsubscribe from this list: send the line unsubscribe linux-kernel in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Re: [PATCH 2/3] coredump: remove suidsafe mode related dead code
On Tue, 31 Jul 2007 15:04:58 +0800 Eugene Teo [EMAIL PROTECTED] wrote: This patch removes suidsafe core dump mode related dead code. Signed-off-by: Eugene Teo [EMAIL PROTECTED] NAK: This feature is used by end users and people debugging complex system problems. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
