Skip to main content

Browse the archive

https://github.com/torvalds/linux
17 May 2024, 09:02:56 UTC
Revision 3318a386e4ca68c76e0294363d29bdc46fcad670 authored by Serge Hallyn on 30 October 2008, 16:52:23 UTC, committed by Linus Torvalds on 01 November 2008, 16:49:45 UTC 
file caps: always start with clear bprm->caps_*
 
While Linux doesn't honor setuid on scripts.  However, it mistakenly
behaves differently for file capabilities.

This patch fixes that behavior by making sure that get_file_caps()
begins with empty bprm->caps_*.  That way when a script is loaded,
its bprm->caps_* may be filled when binfmt_misc calls prepare_binprm(),
but they will be cleared again when binfmt_elf calls prepare_binprm()
next to read the interpreter's file capabilities.

Signed-off-by: Serge Hallyn <serue@us.ibm.com>
Acked-by: David Howells <dhowells@redhat.com>
Acked-by: Andrew G. Morgan <morgan@kernel.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1 parent e06f42d
History
Tip revision: 3318a386e4ca68c76e0294363d29bdc46fcad670 authored by Serge Hallyn on 30 October 2008, 16:52:23 UTC
file caps: always start with clear bprm->caps_*
Tip revision: 3318a38
File Mode Size
Documentation
arch
block
crypto
drivers
firmware
fs
include
init
ipc
kernel
lib
mm
net
samples
scripts
security
sound
usr
virt
.gitignore -rw-r--r-- 867 bytes
.mailmap -rw-r--r-- 3.8 KB
COPYING -rw-r--r-- 18.3 KB
CREDITS -rw-r--r-- 91.0 KB
Kbuild -rw-r--r-- 2.4 KB
MAINTAINERS -rw-r--r-- 102.4 KB
Makefile -rw-r--r-- 55.9 KB
README -rw-r--r-- 16.5 KB
REPORTING-BUGS -rw-r--r-- 3.1 KB

README

back to top