Quoting Eric W. Beiderman (ebiederm@xxxxxxxxxxxx):
> From: Eric W. Biederman <ebiederm@xxxxxxxxxxxx>
>
Oh, perhaps this is the right place in the thread to discuss the issue of
what to do with file capabilities? I'm ok waiting until the next iteration
to even discuss it, so long as we start by refusing setting of fcaps by
any task not in init_user_ns.
> Signed-off-by: Eric W. Biederman <ebiederm@xxxxxxxxxxxx>
> ---
> fs/exec.c | 5 +++++
> 1 files changed, 5 insertions(+), 0 deletions(-)
>
> diff --git a/fs/exec.c b/fs/exec.c
> index 00ae2ef..e001bdf 100644
> --- a/fs/exec.c
> +++ b/fs/exec.c
> @@ -1291,8 +1291,11 @@ int prepare_binprm(struct linux_binprm *bprm)
> if (!(bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID)) {
> /* Set-uid? */
> if (mode & S_ISUID) {
> + if (!kuid_has_mapping(bprm->cred->user_ns, inode->i_uid))
> + return -EPERM;
> bprm->per_clear |= PER_CLEAR_ON_SETID;
> bprm->cred->euid = inode->i_uid;
> +
> }
>
> /* Set-gid? */
> @@ -1302,6 +1305,8 @@ int prepare_binprm(struct linux_binprm *bprm)
> * executable.
> */
> if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
> + if (!kgid_has_mapping(bprm->cred->user_ns, inode->i_gid))
> + return -EPERM;
> bprm->per_clear |= PER_CLEAR_ON_SETID;
> bprm->cred->egid = inode->i_gid;
> }
> --
> 1.7.2.5
>
> _______________________________________________
> Containers mailing list
> Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
> https://lists.linuxfoundation.org/mailman/listinfo/containers
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
