summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@g5.osdl.org>2006-07-15 06:48:03 +0200
committerLinus Torvalds <torvalds@g5.osdl.org>2006-07-15 06:48:03 +0200
commit9ee8ab9fbf21e6b87ad227cd46c0a4be41ab749b (patch)
tree148cf933d20fdf79096b71d03552c1c511c2db13
parentFix nasty /proc vulnerability (diff)
downloadlinux-9ee8ab9fbf21e6b87ad227cd46c0a4be41ab749b.tar.xz
linux-9ee8ab9fbf21e6b87ad227cd46c0a4be41ab749b.zip
Relax /proc fix a bit
Clearign all of i_mode was a bit draconian. We only really care about S_ISUID/ISGID, after all. Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r--fs/proc/base.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 0cb8f20d000c..474eae345068 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1338,8 +1338,8 @@ static int pid_revalidate(struct dentry *dentry, struct nameidata *nd)
} else {
inode->i_uid = 0;
inode->i_gid = 0;
- inode->i_mode = 0;
}
+ inode->i_mode &= ~(S_ISUID | S_ISGID);
security_task_to_inode(task, inode);
put_task_struct(task);
return 1;
@@ -1390,6 +1390,7 @@ static int tid_fd_revalidate(struct dentry *dentry, struct nameidata *nd)
inode->i_uid = 0;
inode->i_gid = 0;
}
+ inode->i_mode &= ~(S_ISUID | S_ISGID);
security_task_to_inode(task, inode);
put_task_struct(task);
return 1;