On Mon, May 18, 2020 at 07:29:41PM -0500, Eric W. Biederman wrote: > > It is almost possible to use the result of prepare_exec_creds with no > modifications during exec. Update prepare_exec_creds to initialize > the suid and the fsuid to the euid, and the sgid and the fsgid to the > egid. This is all that is needed to handle the common case of exec > when nothing special like a setuid exec is happening. > > That this preserves the existing behavior of exec can be verified > by examing bprm_fill_uid and cap_bprm_set_creds. Yup, agreed. > This change makes it clear that the later parts of exec that > update bprm->cred are just need to handle special cases such > as setuid exec and change of domains. One question, though: why add this, since the repeat calling of the caps LSM hook will do this? Is there a call ordering change here, or is this just to make the new LSM hook more robust? Regardless, this looks correct, if perhaps redundant. :) Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx> -- Kees Cook
