Commit 18b0bbd8 authored by Linus Torvalds's avatar Linus Torvalds

Fix nasty /proc vulnerability

We have a bad interaction with both the kernel and user space being able
to change some of the /proc file status.  This fixes the most obvious
part of it, but I expect we'll also make it harder for users to modify
even their "own" files in /proc.
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent ab6cf0d0
...@@ -1338,6 +1338,7 @@ static int pid_revalidate(struct dentry *dentry, struct nameidata *nd) ...@@ -1338,6 +1338,7 @@ static int pid_revalidate(struct dentry *dentry, struct nameidata *nd)
} else { } else {
inode->i_uid = 0; inode->i_uid = 0;
inode->i_gid = 0; inode->i_gid = 0;
inode->i_mode = 0;
} }
security_task_to_inode(task, inode); security_task_to_inode(task, inode);
put_task_struct(task); put_task_struct(task);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment