Re: [PATCH] security: kill security_task_fix_setuid()

From: KOSAKI Motohiro
Date: Thu May 31 2012 - 04:51:08 EST

Next message: Kamezawa Hiroyuki: "Re: [PATCH] meminfo: show /proc/meminfo base on container's memcg"
Previous message: Stefani Seibold: "Re: [PATCH] add new NRP power meter USB device driver"
In reply to: James Morris: "Re: [PATCH] security: kill security_task_fix_setuid()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

(5/31/12 4:42 AM), James Morris wrote:

On Thu, 31 May 2012, kosaki.motohiro@xxxxxxxxx wrote:

From: KOSAKI Motohiro<kosaki.motohiro@xxxxxxxxxxxxxx>

commit 72fa5997 (move RLIMIT_NPROC check from set_user() to do_execve_common())
pointed out set*uid() failure can cause a security problem.
Thus, security_task_fix_setuid() potentially has the same issue. Any security
module shouldn't use it. This patch kills it completely.

Luckily, any security module don't use it. then, this patch doesn't make any
userland visible change.

Capabilities uses it.

Oops, I overlooked. Please ignore this patch. sorry.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Kamezawa Hiroyuki: "Re: [PATCH] meminfo: show /proc/meminfo base on container's memcg"
Previous message: Stefani Seibold: "Re: [PATCH] add new NRP power meter USB device driver"
In reply to: James Morris: "Re: [PATCH] security: kill security_task_fix_setuid()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]