diff options
| author | Jan Kara <jack@suse.cz> | 2016-09-19 17:39:09 +0200 |
|---|---|---|
| committer | Joey Rizzoli <joey@lineageos.org> | 2017-06-14 23:00:19 +0200 |
| commit | d52c8f1f72e8a8d2e7a0f7fe07ca65610bc49da5 (patch) | |
| tree | 728e9a4f6985b621c794a4040fef3b4abdfd4feb /net/lapb/lapb_timer.c | |
| parent | a32002d856e671e77a95c47b59174b28c82899ff (diff) | |
BACKPORT: posix_acl: Clear SGID bit when setting file permissions
[Partially applied during f2fs inclusion, changes now aligned to upstream]
(cherry pick from commit 073931017b49d9458aa351605b43a7e34598caef)
When file permissions are modified via chmod(2) and the user is not in
the owning group or capable of CAP_FSETID, the setgid bit is cleared in
inode_change_ok(). Setting a POSIX ACL via setxattr(2) sets the file
permissions as well as the new ACL, but doesn't clear the setgid bit in
a similar way; this allows to bypass the check in chmod(2). Fix that.
NB: conflicts resolution included extending the change to all visible
users of the near deprecated function posix_acl_equiv_mode
replaced with posix_acl_update_mode. We did not resolve the ACL
leak in this CL, require additional upstream fixes.
References: CVE-2016-7097
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Bug: 32458736
[haggertk]: Backport to 3.4/msm8974
* convert use of capable_wrt_inode_uidgid to capable
Change-Id: I19591ad452cc825ac282b3cfd2daaa72aa9a1ac1
Diffstat (limited to 'net/lapb/lapb_timer.c')
0 files changed, 0 insertions, 0 deletions