Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932406Ab2EaIoN (ORCPT ); Thu, 31 May 2012 04:44:13 -0400 Received: from tundra.namei.org ([65.99.196.166]:40873 "EHLO tundra.namei.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932290Ab2EaIoJ (ORCPT ); Thu, 31 May 2012 04:44:09 -0400 Date: Thu, 31 May 2012 18:42:20 +1000 (EST) From: James Morris To: kosaki.motohiro@gmail.com cc: linux-kernel@vger.kernel.org, KOSAKI Motohiro , Vasiliy Kulikov , Chris Wright , James Morris , linux-security-module@vger.kernel.org, Serge Hallyn Subject: Re: [PATCH] security: kill security_task_fix_setuid() In-Reply-To: <1338451199-15396-1-git-send-email-kosaki.motohiro@gmail.com> Message-ID: References: <1338451199-15396-1-git-send-email-kosaki.motohiro@gmail.com> User-Agent: Alpine 2.02 (LRH 1266 2009-07-14) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 814 Lines: 23 On Thu, 31 May 2012, kosaki.motohiro@gmail.com wrote: > From: KOSAKI Motohiro > > commit 72fa5997 (move RLIMIT_NPROC check from set_user() to do_execve_common()) > pointed out set*uid() failure can cause a security problem. > Thus, security_task_fix_setuid() potentially has the same issue. Any security > module shouldn't use it. This patch kills it completely. > > Luckily, any security module don't use it. then, this patch doesn't make any > userland visible change. Capabilities uses it. -- James Morris -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/