lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <4746469c0711211632y6137c772u392941398d1c24af@mail.gmail.com>
Date:	Wed, 21 Nov 2007 16:32:38 -0800
From:	"Mike Mohr" <akihana@...il.com>
To:	linux-kernel@...r.kernel.org
Subject: tun device supplementary group ownership

Hi,

It seems to me that supplementary groups should be taken into account
when checking for permissions on a tun device.  Can someone comment on
my patch below; is it a reasonable approach?  If so, I'd like to
submit it for inclusion in the kernel under the GPL.

Please forward any responses to me directly in addition to the lkml.

Mike

--- tun.c       2007-11-16 10:14:27.000000000 -0800
+++ tun.c.new   2007-11-21 16:12:15.000000000 -0800
@@ -471,7 +471,8 @@
               if (((tun->owner != -1 &&
                     current->euid != tun->owner) ||
                    (tun->group != -1 &&
-                     current->egid != tun->group)) &&
+                     (current->egid != tun->group &&
+                      !groups_search(current->group_info, tun->group)))) &&
                    !capable(CAP_NET_ADMIN))
                       return -EPERM;
       }
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ