[PATCH v2 0/2] setgid hardening

From: Andy Lutomirski
Date: Fri Jan 27 2017 - 21:49:57 EST

Next message: Andy Lutomirski: "[PATCH v2 2/2] fs: Harden against open(..., O_CREAT, 02777) in a setgid directory"
Previous message: Eric Anholt: "Re: [PATCH 1/2] dt-bindings: Document the VC4 DSI module nodes."
Next in thread: Andy Lutomirski: "[PATCH v2 2/2] fs: Harden against open(..., O_CREAT, 02777) in a setgid directory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The kernel has some dangerous behavior involving the creation and
modification of setgid executables. These issues aren't kernel
security bugs per se, but they have been used to turn various
filesystem permission oddities into reliably privilege escalation
exploits.

See http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/
for a nice writeup.

Let's fix them for real.

Changes from v1:
- Fix uninitialized variable issue (Willy, Ben)
- Also check current creds in should_remove_suid() (Ben)

Andy Lutomirski (2):
fs: Check f_cred as well as of current's creds in should_remove_suid()
fs: Harden against open(..., O_CREAT, 02777) in a setgid directory

fs/inode.c | 61 ++++++++++++++++++++++++++++++++++++++++++++++--------
fs/internal.h | 2 +-
fs/ocfs2/file.c | 4 ++--
fs/open.c | 2 +-
include/linux/fs.h | 2 +-
5 files changed, 57 insertions(+), 14 deletions(-)

--
2.9.3

Next message: Andy Lutomirski: "[PATCH v2 2/2] fs: Harden against open(..., O_CREAT, 02777) in a setgid directory"
Previous message: Eric Anholt: "Re: [PATCH 1/2] dt-bindings: Document the VC4 DSI module nodes."
Next in thread: Andy Lutomirski: "[PATCH v2 2/2] fs: Harden against open(..., O_CREAT, 02777) in a setgid directory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]