From: Kacper Kornet <kornet@camk.edu.pl>
Date: Fri, 28 Jan 2011 23:21:04 +0000 (+0100)
Subject: Fix prlimit64 for suid/sgid processes
X-Git-Tag: v2.6.37.1~101
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=191c11d6061187dc2955c6f53bf04d4c6b1e482c;p=thirdparty%2Fkernel%2Fstable.git

Fix prlimit64 for suid/sgid processes

commit aa5bd67dcfdf9af34c7fa36ebc87d4e1f7e91873 upstream.

Since check_prlimit_permission always fails in the case of SUID/GUID
processes, such processes are not able to read or set their own limits.
This commit changes this by assuming that process can always read/change
its own limits.

Signed-off-by: Kacper Kornet <kornet@camk.edu.pl>
Acked-by: Jiri Slaby <jslaby@suse.cz>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---

diff --git a/kernel/sys.c b/kernel/sys.c
index 7f5a0cd296a96..66136ca33a7b1 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -1377,7 +1377,8 @@ static int check_prlimit_permission(struct task_struct *task)
 	const struct cred *cred = current_cred(), *tcred;
 
 	tcred = __task_cred(task);
-	if ((cred->uid != tcred->euid ||
+	if (current != task &&
+	    (cred->uid != tcred->euid ||
 	     cred->uid != tcred->suid ||
 	     cred->uid != tcred->uid  ||
 	     cred->gid != tcred->egid ||