Subject: Re: [PATCH v2 1/2] capabilities: Ambient capabilities
From: Lukasz Pawelczyk
To: Andy Lutomirski
Cc: Serge Hallyn, Andrew Morton, Jarkko Sakkinen, "Ted Ts'o", "Andrew G. Morgan", Linux API, Mimi Zohar, Michael Kerrisk, Austin S Hemmelgarn, linux-security-module, Aaron Jones, Serge Hallyn, LKML, Markku Savela, Kees Cook, Jonathan Corbet, Christoph Lameter, Andy Lutomirski
Date: Fri, 15 May 2015 13:32:03 +0200
Message-id: <1431689523.1769.1.camel@samsung.com>

On Thu, 2015-05-14 at 23:39 -0700, Andy Lutomirski wrote:
> @@ -696,10 +729,18 @@ static inline void cap_emulate_setxuid(struct cred *new, const struct cred *old) > uid_eq(old->suid, root_uid)) && > (!uid_eq(new->uid, root_uid) && > !uid_eq(new->euid, root_uid) && > - !uid_eq(new->suid, root_uid)) && > - !issecure(SECURE_KEEP_CAPS)) { > - cap_clear(new->cap_permitted); > - cap_clear(new->cap_effective); > + !uid_eq(new->suid, root_uid))) { > + if (!issecure(SECURE_KEEP_CAPS)) { > + cap_clear(new->cap_permitted); > + cap_clear(new->cap_effective); > + } > + > + /* > + * Pre-ambient programs except setresuid to nonroot followed

I think you meant "expect". This typo changes the meaning of the sentence.

> + * by exec to drop capabilities. We should make sure that > + * this remains the case. > + */ > + cap_clear(new->cap_ambient); > }

--
Lukasz Pawelczyk
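
Review bot: The new comment above cap_clear(new->cap_ambient) does not say that the ambient set is cleared even when SECURE_KEEP_CAPS is set, although that is what the restructured code does: the ambient clear sits outside the new if (!issecure(SECURE_KEEP_CAPS)) block. A task that sets keep-caps and then moves all of uid, euid and suid from root to non-root keeps cap_permitted but loses cap_ambient, and the comment only mentions the "setresuid to nonroot followed by exec" expectation. Suggest adding a sentence to the comment stating that SECURE_KEEP_CAPS deliberately does not preserve ambient capabilities across this transition, and fixing "except" to "expect" in the same comment.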