The goal of PF_SUID flag is to check if it is safe to coredump the process. If the current process is already privileged, there is no point in performing security checks because the name image is a set-uid process. Because of that, we don't set the suid flag if the forked process already runs as root. Signed-off-by: Wander Lairson Costa <wander@xxxxxxxxxx> --- fs/exec.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/fs/exec.c b/fs/exec.c index 81d6ab9a4f64..1a3458c6c9b7 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -1310,7 +1310,11 @@ int begin_new_exec(struct linux_binprm * bprm) me->flags &= ~(PF_RANDOMIZE | PF_FORKNOEXEC | PF_KTHREAD | PF_NOFREEZE | PF_NO_SETAFFINITY); - if (bprm->suid_bin) + /* + * We set the PF_SUID flags for security reasons. There is no + * point in setting it if the parent is root. + */ + if (bprm->suid_bin && !capable(CAP_SYS_ADMIN)) me->flags |= PF_SUID; flush_thread(); -- 2.27.0
