On Mon, Jan 30, 2017 at 7:49 PM, Michael Kerrisk <mtk.manpages@xxxxxxxxx> wrote: > [CC += linux-api@] > > Andy, this is an API change! Indeed. I should be ashamed of myself! > > On Sat, Jan 28, 2017 at 3:49 PM, Andy Lutomirski <luto@xxxxxxxxxx> wrote: >> The kernel has some dangerous behavior involving the creation and >> modification of setgid executables. These issues aren't kernel >> security bugs per se, but they have been used to turn various >> filesystem permission oddities into reliably privilege escalation >> exploits. >> >> See http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/ >> for a nice writeup. >> >> Let's fix them for real. >> >> Changes from v1: >> - Fix uninitialized variable issue (Willy, Ben) >> - Also check current creds in should_remove_suid() (Ben) >> >> Andy Lutomirski (2): >> fs: Check f_cred as well as of current's creds in should_remove_suid() >> fs: Harden against open(..., O_CREAT, 02777) in a setgid directory >> >> fs/inode.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++-------- >> fs/internal.h | 2 +- >> fs/ocfs2/file.c | 4 ++-- >> fs/open.c | 2 +- >> include/linux/fs.h | 2 +- >> 5 files changed, 57 insertions(+), 14 deletions(-) >> >> -- >> 2.9.3 >> >> -- >> To unsubscribe, send a message with 'unsubscribe linux-mm' in >> the body to majordomo@xxxxxxxxx. For more info on Linux MM, >> see: http://www.linux-mm.org/ . >> Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a> > > > > -- > Michael Kerrisk Linux man-pages maintainer; > http://www.kernel.org/doc/man-pages/ > Author of "The Linux Programming Interface", http://blog.man7.org/ -- Andy Lutomirski AMA Capital Management, LLC -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
