git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Paul Moore <paul@paul-moore.com>
	Fri, 19 Apr 2019 18:55:12 +0000 (14:55 -0400)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sat, 25 May 2019 16:16:22 +0000 (18:16 +0200)
commit	bb2601cb4125dd07f341384d056f269a2617111a
tree	1587a62660c51a813bd7963bc847ef5cd53726c6	tree
parent	c733b76d25a7d2afd6da8dea95c5acab24dc1591	commit \| diff

proc: prevent changes to overridden credentials

commit 35a196bef449b5824033865b963ed9a43fb8c730 upstream.

Prevent userspace from changing the the /proc/PID/attr values if the
task's credentials are currently overriden. This not only makes sense
conceptually, it also prevents some really bizarre error cases caused
when trying to commit credentials to a task with overridden
credentials.

Cc: <stable@vger.kernel.org>
Reported-by: "chengjian (D)" <cj.chengjian@huawei.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Acked-by: John Johansen <john.johansen@canonical.com>
Acked-by: James Morris <james.morris@microsoft.com>
Acked-by: Casey Schaufler <casey@schaufler-ca.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>