]>
Commit | Line | Data |
---|---|---|
d9fdd6fb GKH |
1 | From 76595f79d76fbe6267a51b3a866a028d150f06d4 Mon Sep 17 00:00:00 2001 |
2 | From: Neil Horman <nhorman@tuxdriver.com> | |
3 | Date: Fri, 5 Mar 2010 13:44:16 -0800 | |
4 | Subject: coredump: suppress uid comparison test if core output files are pipes | |
5 | ||
6 | From: Neil Horman <nhorman@tuxdriver.com> | |
7 | ||
8 | commit 76595f79d76fbe6267a51b3a866a028d150f06d4 upstream. | |
9 | ||
10 | Modify uid check in do_coredump so as to not apply it in the case of | |
11 | pipes. | |
12 | ||
13 | This just got noticed in testing. The end of do_coredump validates the | |
14 | uid of the inode for the created file against the uid of the crashing | |
15 | process to ensure that no one can pre-create a core file with different | |
16 | ownership and grab the information contained in the core when they | |
17 | shouldn' tbe able to. This causes failures when using pipes for a core | |
18 | dumps if the crashing process is not root, which is the uid of the pipe | |
19 | when it is created. | |
20 | ||
21 | The fix is simple. Since the check for matching uid's isn't relevant for | |
22 | pipes (a process can't create a pipe that the uermodehelper code will open | |
23 | anyway), we can just just skip it in the event ispipe is non-zero | |
24 | ||
25 | Reverts a pipe-affecting change which was accidentally made in | |
26 | ||
27 | : commit c46f739dd39db3b07ab5deb4e3ec81e1c04a91af | |
28 | : Author: Ingo Molnar <mingo@elte.hu> | |
29 | : AuthorDate: Wed Nov 28 13:59:18 2007 +0100 | |
30 | : Commit: Linus Torvalds <torvalds@woody.linux-foundation.org> | |
31 | : CommitDate: Wed Nov 28 10:58:01 2007 -0800 | |
32 | : | |
33 | : vfs: coredumping fix | |
34 | ||
35 | Signed-off-by: Neil Horman <nhorman@tuxdriver.com> | |
36 | Cc: Andi Kleen <andi@firstfloor.org> | |
37 | Cc: Oleg Nesterov <oleg@redhat.com> | |
38 | Cc: Alan Cox <alan@lxorguk.ukuu.org.uk> | |
39 | Cc: Al Viro <viro@zeniv.linux.org.uk> | |
40 | Cc: Ingo Molnar <mingo@elte.hu> | |
41 | Signed-off-by: Andrew Morton <akpm@linux-foundation.org> | |
42 | Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | |
43 | Cc: maximilian attems <max@stro.at> | |
44 | Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> | |
45 | ||
46 | --- | |
47 | fs/exec.c | 3 ++- | |
48 | 1 file changed, 2 insertions(+), 1 deletion(-) | |
49 | ||
50 | --- a/fs/exec.c | |
51 | +++ b/fs/exec.c | |
52 | @@ -1826,8 +1826,9 @@ int do_coredump(long signr, int exit_cod | |
53 | /* | |
54 | * Dont allow local users get cute and trick others to coredump | |
55 | * into their pre-created files: | |
56 | + * Note, this is not relevant for pipes | |
57 | */ | |
58 | - if (inode->i_uid != current->fsuid) | |
0fa428d6 | 59 | + if (!ispipe && (inode->i_uid != current->fsuid)) |
d9fdd6fb GKH |
60 | goto close_fail; |
61 | if (!file->f_op) | |
62 | goto close_fail; |