[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1262723850-9870-1-git-send-email-serue@us.ibm.com>
Date: Tue, 5 Jan 2010 14:37:25 -0600
From: serue@...ibm.com
To: greg@...ah.com
Cc: "Serge E. Hallyn" <serue@...ibm.com>, rsc@...ch.com,
Ashwin Ganti <ashwin.ganti@...il.com>, ericvh@...il.com,
devel@...uxdriverproject.org, linux-kernel@...r.kernel.org
Subject: [RFC PATCH 1/6] p9auth: set fsuid
From: Serge E. Hallyn <serue@...ibm.com>
fsuid should always trail euid changes. So p9auth should
set fsuid as well when it sets ruid and euid. Whether the
suid should also be set is an open question - keeping the
old uid in suid may be useful, or may just serve to trick
lazy userspace.
Note that so long as we do not also set suid, the setuid_fixup()
code will not (when we later switch to setresuid()) fully
fill/clear capability sets. So while I had previously thought
that keeping suid unchanged would be useful, I think it is
better to change all uids.
Signed-off-by: Serge E. Hallyn <serue@...ibm.com>
Cc: Greg KH <greg@...ah.com>
cc: rsc@...ch.com
Cc: Ashwin Ganti <ashwin.ganti@...il.com>
Cc: ericvh@...il.com
Cc: devel@...uxdriverproject.org
Cc: linux-kernel@...r.kernel.org
---
drivers/staging/p9auth/p9auth.c | 14 +++++++++-----
1 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/drivers/staging/p9auth/p9auth.c b/drivers/staging/p9auth/p9auth.c
index db79626..70ef45b 100644
--- a/drivers/staging/p9auth/p9auth.c
+++ b/drivers/staging/p9auth/p9auth.c
@@ -275,10 +275,14 @@ static ssize_t cap_write(struct file *filp, const char __user *buf,
goto out;
}
/*
- * What all id's need to be changed here? uid,
- * euid, fsid, savedids ?? Currently I am
- * changing the effective user id since most of
- * the authorisation decisions are based on it
+ * Change all uids. It might be useful to
+ * keep suid unchanged, however that will
+ * mean that changing from uid=0 to uid=!0
+ * pP is not emptied (only pE is), and when
+ * changing from uid=!0 to uid=0, sets are
+ * not filled. They will be correct after
+ * the next exec, but this is IMO not
+ * sufficient. So change all uids.
*/
new = prepare_creds();
if (!new) {
@@ -286,7 +290,7 @@ static ssize_t cap_write(struct file *filp, const char __user *buf,
goto out;
}
new->uid = (uid_t) target_int;
- new->euid = (uid_t) target_int;
+ new->suid = new->fsuid = new->euid = new->uid;
retval = commit_creds(new);
if (retval)
goto out;
--
1.6.1
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists