On Tue, May 7, 2013 at 11:01 AM, Janne Karhunen <janne.karhunen@xxxxxxxxx> wrote: > @@ -481,7 +490,7 @@ int cap_bprm_set_creds(struct linux_binprm *bprm) > const struct cred *old = current_cred(); > struct cred *new = bprm->cred; > bool effective, has_cap = false; > - int ret; > + int ret, has_res; > kuid_t root_uid; > > effective = false; > @@ -501,6 +510,8 @@ int cap_bprm_set_creds(struct linux_binprm *bprm) > warn_setuid_and_fcaps_mixed(bprm->filename); > goto skip; > } > + has_res = cap_raised(new->cap_permitted, CAP_SYS_RESOURCE); > + > /* > * To support inheritance of root-permissions and suid-root > * executables under compatibility mode, we override the > @@ -512,6 +523,9 @@ int cap_bprm_set_creds(struct linux_binprm *bprm) > /* pP' = (cap_bset & ~0) | (pI & ~0) */ > new->cap_permitted = cap_combine(old->cap_bset, > old->cap_inheritable); > + > + if (!has_res && (old->user_ns != &init_user_ns)) > + cap_lower (new->cap_permitted, CAP_SYS_RESOURCE); > } > if (uid_eq(new->euid, root_uid)) > effective = true; I am also seriously unhappy about this 'setuid compatibility mode' here. It is highly surprising to have all caps elevated on uid/euid root exec regardless of the executable setuid flags... -- Janne _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
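Review bot: In the first hunk (@@ -481,7 +490,7 @@), has_res is declared as int in `int ret, has_res;`, but the patch only ever stores the result of cap_raised() in it and only tests it as `!has_res`. It is a flag, so declare it as bool next to the existing `bool effective, has_cap = false;` line rather than sharing the declaration with the ret return code.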
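Review bot: In the second hunk (@@ -501,6 +510,8 @@), `has_res = cap_raised(new->cap_permitted, CAP_SYS_RESOURCE);` carries no comment saying why the permitted set is sampled at this point, ahead of the cap_combine() assignment in the following hunk that overwrites new->cap_permitted. Add a one-line comment stating that it records whether CAP_SYS_RESOURCE was already permitted before the root override. Alternatively, if nothing in between modifies new->cap_permitted, take the snapshot inside the block that uses it, immediately before the cap_combine() assignment, so the read and the test sit together.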
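Review bot: In the third hunk (@@ -512,6 +523,9 @@), the existing comment `/* pP' = (cap_bset & ~0) | (pI & ~0) */` no longer describes what the block computes once CAP_SYS_RESOURCE is lowered for `old->user_ns != &init_user_ns`. Update the formula comment, or add a comment above the new `if` that explains why this one capability is withheld outside the initial user namespace and why only new->cap_permitted is adjusted here. On style, `cap_lower (new->cap_permitted, CAP_SYS_RESOURCE);` has a space between the function name and the opening parenthesis, which kernel coding style does not use for calls, and the inner parentheses around the user_ns comparison are unnecessary.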