[patch 34/76] file capabilities: simplify signal check

Score:

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: <linux-kernel@...>, <stable@...>, <jejb@...>

Cc: Justin Forbes <jmforbes@...>, Zwane Mwaikambo <zwane@...>, Theodore Ts'o <tytso@...>, Randy Dunlap <rdunlap@...>, Dave Jones <davej@...>, Chuck Wolber <chuckw@...>, Chris Wedgwood <reviews@...>, Michael Krufky <mkrufky@...>, Chuck Ebbert <cebbert@...>, Domenico Andreoli <cavokz@...>, <torvalds@...>, <akpm@...>, <alan@...>, Serge E. Hallyn <serue@...>, Andrew G Morgan <morgan@...>, Greg Kroah-Hartman <gregkh@...>

Subject: [patch 34/76] file capabilities: simplify signal check

Date: Friday, March 21, 2008 - 6:43 pm

-stable review patch.  If anyone has any objections, please let us know.
---------------------

From: Serge E. Hallyn <serue@us.ibm.com>

Simplify the uid equivalence check in cap_task_kill().  Anyone can kill a
process owned by the same uid.

Without this patch wireshark is reported to fail.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
 security/commoncap.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -539,7 +539,7 @@ int cap_task_kill(struct task_struct *p,
 	 * allowed.
 	 * We must preserve legacy signal behavior in this case.
 	 */
-	if (p->euid == 0 && p->uid == current->uid)
+	if (p->uid == current->uid)
 		return 0;
 
 	/* sigcont is permitted within same session */

-- 
--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[patch 34/76] file capabilities: simplify signal check, Chris Wright, (Fri Mar 21, 6:43 pm)


linux-kernel:
Lee Revell	Re: [RFC][PATCH] cpuidle: avoid singing capacitors
Ingo Molnar	[bug] latest -git boot hang
Greg Kroah-Hartman	[PATCH 001/196] Chinese: Add the known_regression URI to the HOWTO
Christoph Hellwig	Re: 2.6.24-rc6-mm1
git:
Imran M Yousuf	Re: [kernel.org users] [RFD] On deprecating "git-foo" for builtins
Dan Zwell	[PATCH] Color support added to git-add--interactive.
Kyle Moffett	Using GIT to store /etc (Or: How to make GIT store all file permission bits)
Petr Vandrovec	Re: Fwd: [OT] Re: Git via a proxy server?
openbsd-misc:
Lars Hansson	Re: Code signing in OpenBSD
Richard Stallman	Real men don't attack straw men
Pau	acer aspire one dmesg?
Henning Brauer	Re: About Xen: maybe a reiterative question but ..
linux-netdev:
Jarek Poplawski	Re: loaded router, excessive getnstimeofday in oprofile
Julius Volz	[PATCH RFC 20/24] IPVS: Add validity checks when adding/editing v6 services
Bruno	[PATCH 1/2] r8169: WoL fixes
Corey Hickey	[PATCH 01/10] Preparatory refactoring part 1.


high memory	1 day ago	Linux kernel
semaphore access speed	1 day ago	Applications and Utilities
the kernel how to power off the machine	1 day ago	Linux kernel
Easter Eggs in windows XP	1 day ago	Windows
Shared swap partition	1 day ago	Linux general
Root password	1 day ago	Linux general
Where/when DNOTIFY is used?	1 day ago	Linux kernel
How to convert Linux Kernel built-in module into a loadable module	1 day ago	Linux kernel
Linux 2.6.24 and I/O schedulers	1 day ago	Linux kernel
USB Driver -- Interrupt Polling -- A Little Help Please	1 day ago	Linux general

[patch 34/76] file capabilities: simplify signal check

Online users