[PATCH] proc: prevent changes to overridden credentials
Casey Schaufler
casey at schaufler-ca.com
Sun Apr 21 17:14:58 UTC 2019
On 4/19/2019 11:55 AM, Paul Moore wrote:
> Prevent userspace from changing the the /proc/PID/attr values if the
> task's credentials are currently overriden. This not only makes sense
> conceptually, it also prevents some really bizarre error cases caused
> when trying to commit credentials to a task with overridden
> credentials.
>
> Cc: <stable at vger.kernel.org>
> Reported-by: "chengjian (D)" <cj.chengjian at huawei.com>
> Signed-off-by: Paul Moore <paul at paul-moore.com>
Acked-by: Casey Schaufler <casey at schaufler-ca.com>
> ---
> fs/proc/base.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/fs/proc/base.c b/fs/proc/base.c
> index ddef482f1334..87ba007b86db 100644
> --- a/fs/proc/base.c
> +++ b/fs/proc/base.c
> @@ -2539,6 +2539,11 @@ static ssize_t proc_pid_attr_write(struct file * file, const char __user * buf,
> rcu_read_unlock();
> return -EACCES;
> }
> + /* Prevent changes to overridden credentials. */
> + if (current_cred() != current_real_cred()) {
> + rcu_read_unlock();
> + return -EBUSY;
> + }
> rcu_read_unlock();
>
> if (count > PAGE_SIZE)
>
More information about the Linux-security-module-archive
mailing list