The patch titled
Let even non-dumpable tasks access /proc/self/fd
has been removed from the -mm tree. Its filename is
let-even-non-dumpable-tasks-access-proc-self-fd.patch
This patch was dropped because it is obsolete
------------------------------------------------------
Subject: Let even non-dumpable tasks access /proc/self/fd
From: Petr Baudis <pasky@xxxxxxx>
All tasks calling setuid() from root to non-root during their lifetime will
not be able to access their /proc/self/fd. This is troublesome because the
fstatat() and other *at() routines are emulated by accessing
/proc/self/fd/*/path and that will break with setuid()ing programs, leading
to various weird consequences (e.g. with the latest glibc, nftw() does not
work with setuid()ing programs on ppc and furthermore causes the LSB
testsuite to fail because of this).
This kernel patch fixes the problem by letting the process access its own
/proc/self/fd - as far as I can see, this should be reasonably safe since
for the process, this does not reveal "anything new". Feel free to comment
on this.
Signed-off-by: Petr Baudis <pasky@xxxxxxx>
Cc: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
Cc: Chris Wright <chrisw@xxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxx>
---
fs/proc/base.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff -puN fs/proc/base.c~let-even-non-dumpable-tasks-access-proc-self-fd fs/proc/base.c
--- a/fs/proc/base.c~let-even-non-dumpable-tasks-access-proc-self-fd
+++ a/fs/proc/base.c
@@ -1369,7 +1369,9 @@ static struct inode *proc_pid_make_inode
ei->type = ino;
inode->i_uid = 0;
inode->i_gid = 0;
- if (ino == PROC_TGID_INO || ino == PROC_TID_INO || task_dumpable(task)) {
+ if (ino == PROC_TGID_INO || ino == PROC_TID_INO ||
+ ((ino == PROC_TGID_FD || ino == PROC_TID_FD || ino >= PROC_TID_FD_DIR) && task == current) ||
+ task_dumpable(task)) {
inode->i_uid = task->euid;
inode->i_gid = task->egid;
}
@@ -1399,7 +1401,9 @@ static int pid_revalidate(struct dentry
struct inode *inode = dentry->d_inode;
struct task_struct *task = proc_task(inode);
if (pid_alive(task)) {
- if (proc_type(inode) == PROC_TGID_INO || proc_type(inode) == PROC_TID_INO || task_dumpable(task)) {
+ if (proc_type(inode) == PROC_TGID_INO || proc_type(inode) == PROC_TID_INO ||
+ ((proc_type(inode) == PROC_TGID_FD || proc_type(inode) == PROC_TID_FD) && task == current) ||
+ task_dumpable(task)) {
inode->i_uid = task->euid;
inode->i_gid = task->egid;
} else {
@@ -1426,7 +1430,7 @@ static int tid_fd_revalidate(struct dent
if (fcheck_files(files, fd)) {
rcu_read_unlock();
put_files_struct(files);
- if (task_dumpable(task)) {
+ if (task_dumpable(task) || task == current) {
inode->i_uid = task->euid;
inode->i_gid = task->egid;
} else {
_
Patches currently in -mm which might be from pasky@xxxxxxx are
-
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
