• R/O
  • HTTP
  • SSH
  • HTTPS

linux-2.4.36: Commit

2.4.36-stable kernel tree


Commit MetaInfo

Revision62b548a60eaff6f986e9b3f5fd602ddae451b33e (tree)
Zeit2007-12-10 15:01:53
AutorWilly Tarreau <w@1wt....>
CommiterWilly Tarreau

Log Message

[PATCH] vfs: coredumping fix

Backport of 2.6 commit c46f739dd39db3b07ab5deb4e3ec81e1c04a91af by Ingo Molnar.

fix: http://bugzilla.kernel.org/show_bug.cgi?id=3043

only allow coredumping to the same uid that the coredumping
task runs under.

Signed-off-by: Willy Tarreau <w@1wt.eu>

Ändern Zusammenfassung

Diff

--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1167,6 +1167,12 @@ int do_coredump(long signr, struct pt_regs * regs)
11671167
11681168 if (!S_ISREG(inode->i_mode))
11691169 goto close_fail;
1170+ /*
1171+ * Dont allow local users get cute and trick others to coredump
1172+ * into their pre-created files:
1173+ */
1174+ if (inode->i_uid != current->fsuid)
1175+ goto close_fail;
11701176 if (!file->f_op)
11711177 goto close_fail;
11721178 if (!file->f_op->write)
Show on old repository browser