[CC += linux-api@] Andy, this is an API change! On Sat, Jan 28, 2017 at 3:49 PM, Andy Lutomirski <luto@xxxxxxxxxx> wrote: > The kernel has some dangerous behavior involving the creation and > modification of setgid executables. These issues aren't kernel > security bugs per se, but they have been used to turn various > filesystem permission oddities into reliably privilege escalation > exploits. > > See http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/ > for a nice writeup. > > Let's fix them for real. > > Changes from v1: > - Fix uninitialized variable issue (Willy, Ben) > - Also check current creds in should_remove_suid() (Ben) > > Andy Lutomirski (2): > fs: Check f_cred as well as of current's creds in should_remove_suid() > fs: Harden against open(..., O_CREAT, 02777) in a setgid directory > > fs/inode.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++-------- > fs/internal.h | 2 +- > fs/ocfs2/file.c | 4 ++-- > fs/open.c | 2 +- > include/linux/fs.h | 2 +- > 5 files changed, 57 insertions(+), 14 deletions(-) > > -- > 2.9.3 > > -- > To unsubscribe, send a message with 'unsubscribe linux-mm' in > the body to majordomo@xxxxxxxxx. For more info on Linux MM, > see: http://www.linux-mm.org/ . > Don't email: <a href=mailto:"dont@xxxxxxxxx"> email@xxxxxxxxx </a> -- Michael Kerrisk Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/ Author of "The Linux Programming Interface", http://blog.man7.org/ -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html