Re: [GIT] Security updates for 3.3: SELinux

From: Eric Paris
Date: Tue Jan 17 2012 - 09:38:45 EST

Next message: Steven Rostedt: "Re: [ANNOUNCE] 3.0.14-rt31 - ksoftirq running wild - FEC ethernetdriver to blame?"
Previous message: Colin Walters: "Re: [RFC 0/3] low memory notify"
In reply to: J. R. Okajima: "Re: [GIT] Security updates for 3.3: SELinux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2012-01-17 at 23:28 +0900, J. R. Okajima wrote:
> James Morris:
> > Eric Paris (12):
> :::
> > capabitlies: ns_capable can use the cap helpers rather than lsm call
>
> After this commit, I am afraid access(2) on NFS may not work correctly.
> The scenario based upon my guess.
> - access(2) overrides the credentials.
> - calls inode_permission() -- ... -- generic_permission() --
> ns_capable().
> - while the old ns_capable() calls security_capable(current_cred()), the
> new ns_capable() calls has_ns_capability(current) --
> security_capable(__task_cred(t)).
>
> current_cred() returns current->cred which is effective (overridden)
> credentials, but __task_cred(current) returns current->real_cred (the
> NFSD's credential). And the overridden credentials by access(2) lost.
>
> Is my guess correct?

Linus please revert d2a7009f0bb03fa22ad08dd25472efa0568126b9

Your explanation seems plausible. I will review the rest and make sure
a similar problem was not introduced elsewhere.

-Eric

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Steven Rostedt: "Re: [ANNOUNCE] 3.0.14-rt31 - ksoftirq running wild - FEC ethernetdriver to blame?"
Previous message: Colin Walters: "Re: [RFC 0/3] low memory notify"
In reply to: J. R. Okajima: "Re: [GIT] Security updates for 3.3: SELinux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]