aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndrew G. Morgan2008-07-04 11:59:59 -0500
committerLinus Torvalds2008-07-04 12:40:08 -0500
commit1209726ce942047c9fefe7cd427dc36f8e9ded53 (patch)
tree298e78052d6bdd92c78b22c86604f8c8364bc8d9 /security/commoncap.c
parent086f7316f0d400806d76323beefae996bb3849b1 (diff)
downloadkernel-common-1209726ce942047c9fefe7cd427dc36f8e9ded53.tar.gz
kernel-common-1209726ce942047c9fefe7cd427dc36f8e9ded53.tar.xz
kernel-common-1209726ce942047c9fefe7cd427dc36f8e9ded53.zip
security: filesystem capabilities: fix CAP_SETPCAP handling
The filesystem capability support meaning for CAP_SETPCAP is less powerful than the non-filesystem capability support. As such, when filesystem capabilities are configured, we should not permit CAP_SETPCAP to 'enhance' the current process through strace manipulation of a child process. Signed-off-by: Andrew G. Morgan <morgan@kernel.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: David Howells <dhowells@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security/commoncap.c')
-rw-r--r--security/commoncap.c13
1 files changed, 10 insertions, 3 deletions
diff --git a/security/commoncap.c b/security/commoncap.c
index 5edabc7542a..33d34330841 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -103,10 +103,16 @@ static inline int cap_inh_is_capped(void)
103 return (cap_capable(current, CAP_SETPCAP) != 0); 103 return (cap_capable(current, CAP_SETPCAP) != 0);
104} 104}
105 105
106static inline int cap_limit_ptraced_target(void) { return 1; }
107
106#else /* ie., ndef CONFIG_SECURITY_FILE_CAPABILITIES */ 108#else /* ie., ndef CONFIG_SECURITY_FILE_CAPABILITIES */
107 109
108static inline int cap_block_setpcap(struct task_struct *t) { return 0; } 110static inline int cap_block_setpcap(struct task_struct *t) { return 0; }
109static inline int cap_inh_is_capped(void) { return 1; } 111static inline int cap_inh_is_capped(void) { return 1; }
112static inline int cap_limit_ptraced_target(void)
113{
114 return !capable(CAP_SETPCAP);
115}
110 116
111#endif /* def CONFIG_SECURITY_FILE_CAPABILITIES */ 117#endif /* def CONFIG_SECURITY_FILE_CAPABILITIES */
112 118
@@ -342,9 +348,10 @@ void cap_bprm_apply_creds (struct linux_binprm *bprm, int unsafe)
342 bprm->e_uid = current->uid; 348 bprm->e_uid = current->uid;
343 bprm->e_gid = current->gid; 349 bprm->e_gid = current->gid;
344 } 350 }
345 if (!capable (CAP_SETPCAP)) { 351 if (cap_limit_ptraced_target()) {
346 new_permitted = cap_intersect (new_permitted, 352 new_permitted =
347 current->cap_permitted); 353 cap_intersect(new_permitted,
354 current->cap_permitted);
348 } 355 }
349 } 356 }
350 } 357 }