From: Serge E. Hallyn <serue@xxxxxxxxxx> fsuid should always trail euid changes. So p9auth should set fsuid as well when it sets ruid and euid. Whether the suid should also be set is an open question - keeping the old uid in suid may be useful, or may just serve to trick lazy userspace. Note that so long as we do not also set suid, the setuid_fixup() code will not (when we later switch to setresuid()) fully fill/clear capability sets. So while I had previously thought that keeping suid unchanged would be useful, I think it is better to change all uids. Signed-off-by: Serge E. Hallyn <serue@xxxxxxxxxx> Cc: Greg KH <greg@xxxxxxxxx> cc: rsc@xxxxxxxxx Cc: Ashwin Ganti <ashwin.ganti@xxxxxxxxx> Cc: ericvh@xxxxxxxxx Cc: devel@xxxxxxxxxxxxxxxxxxxxxx Cc: linux-kernel@xxxxxxxxxxxxxxx --- drivers/staging/p9auth/p9auth.c | 14 +++++++++----- 1 files changed, 9 insertions(+), 5 deletions(-) diff --git a/drivers/staging/p9auth/p9auth.c b/drivers/staging/p9auth/p9auth.c index db79626..70ef45b 100644 --- a/drivers/staging/p9auth/p9auth.c +++ b/drivers/staging/p9auth/p9auth.c @@ -275,10 +275,14 @@ static ssize_t cap_write(struct file *filp, const char __user *buf, goto out; } /* - * What all id's need to be changed here? uid, - * euid, fsid, savedids ?? Currently I am - * changing the effective user id since most of - * the authorisation decisions are based on it + * Change all uids. It might be useful to + * keep suid unchanged, however that will + * mean that changing from uid=0 to uid=!0 + * pP is not emptied (only pE is), and when + * changing from uid=!0 to uid=0, sets are + * not filled. They will be correct after + * the next exec, but this is IMO not + * sufficient. So change all uids. */ new = prepare_creds(); if (!new) { @@ -286,7 +290,7 @@ static ssize_t cap_write(struct file *filp, const char __user *buf, goto out; } new->uid = (uid_t) target_int; - new->euid = (uid_t) target_int; + new->suid = new->fsuid = new->euid = new->uid; retval = commit_creds(new); if (retval) goto out; -- 1.6.1 _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/devel