[RFC PATCH 0/1] security: add SECURE_KEEP_FSUID to preserve fsuid/fsgid across execve

Lubashev, Igor ilubashe at akamai.com
Wed Jul 3 00:58:34 UTC 2019


> From: James Morris <jmorris at namei.org>  on Friday, June 14, 2019 11:54 PM:
> On Sat, 15 Jun 2019, Lubashev, Igor wrote:
> 
> > Unfortunately, perf is using uid==0 and euid==0 as a "capability bits".
> >
> >
> > In tools/perf/util/evsel.c:
> > 	static bool perf_event_can_profile_kernel(void)
> > 	{
> > 		return geteuid() == 0 || perf_event_paranoid() == -1;
> > 	}
> >
> > In tools/perf/util/symbol.c:
> > 	static bool symbol__read_kptr_restrict(void)
> > 	{
> > 	...
> > 		value = ((geteuid() != 0) || (getuid() != 0)) ?
> > 				(atoi(line) != 0) :
> > 				(atoi(line) == 2);
> > 	...
> > 	}
> 
> These are bugs. They should be checking for CAP_SYS_ADMIN.

Thanks for the suggestion.

Actually, the former one should be checking CAP_SYS_ADMIN, while the latter -- CAP_SYSLOG (see lib/vsprintf.c).

Just posted a patch to perf (http://lists.infradead.org/pipermail/linux-arm-kernel/2019-July/664552.html).

Thank you,

- Igor



More information about the Linux-security-module-archive mailing list