Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752258Ab2EaIvM (ORCPT ); Thu, 31 May 2012 04:51:12 -0400 Received: from mail-qa0-f46.google.com ([209.85.216.46]:60252 "EHLO mail-qa0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751217Ab2EaIvJ (ORCPT ); Thu, 31 May 2012 04:51:09 -0400 Message-ID: <4FC730FA.8080305@gmail.com> Date: Thu, 31 May 2012 04:51:06 -0400 From: KOSAKI Motohiro User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:12.0) Gecko/20120428 Thunderbird/12.0.1 MIME-Version: 1.0 To: James Morris CC: kosaki.motohiro@gmail.com, linux-kernel@vger.kernel.org, KOSAKI Motohiro , Vasiliy Kulikov , Chris Wright , James Morris , linux-security-module@vger.kernel.org, Serge Hallyn Subject: Re: [PATCH] security: kill security_task_fix_setuid() References: <1338451199-15396-1-git-send-email-kosaki.motohiro@gmail.com> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 883 Lines: 24 (5/31/12 4:42 AM), James Morris wrote: > On Thu, 31 May 2012, kosaki.motohiro@gmail.com wrote: > >> From: KOSAKI Motohiro >> >> commit 72fa5997 (move RLIMIT_NPROC check from set_user() to do_execve_common()) >> pointed out set*uid() failure can cause a security problem. >> Thus, security_task_fix_setuid() potentially has the same issue. Any security >> module shouldn't use it. This patch kills it completely. >> >> Luckily, any security module don't use it. then, this patch doesn't make any >> userland visible change. > > Capabilities uses it. Oops, I overlooked. Please ignore this patch. sorry. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/