[PATCH 09/11] exec: In bprm_fill_uid only set per_clear when honoring suid or sgid
Linus Torvalds
torvalds at linux-foundation.org
Thu May 28 19:08:02 UTC 2020
On Thu, May 28, 2020 at 8:53 AM Eric W. Biederman <ebiederm at xmission.com> wrote:
>
> It makes no sense to set active_per_clear when the kernel decides not
> to honor the executables setuid or or setgid bits. Instead set
> active_per_clear when the kernel actually decides to honor the suid or
> sgid permission bits of an executable.
You seem to be confused about the naming yourself.
You talk about "active_per_clear", but the code is about "per_clear". WTF?
Linus
More information about the Linux-security-module-archive
mailing list