diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2011-06-19 18:49:47 +0200 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2011-07-20 07:43:10 +0200 |
commit | 1b5d783c94c328d406e801566f161adcfb018dda (patch) | |
tree | e7d27b987e0670099af28db0d6bfcdac33236046 /fs/exec.c | |
parent | switch path_init() to exec_permission() (diff) | |
download | linux-1b5d783c94c328d406e801566f161adcfb018dda.tar.xz linux-1b5d783c94c328d406e801566f161adcfb018dda.zip |
consolidate BINPRM_FLAGS_ENFORCE_NONDUMP handling
new helper: would_dump(bprm, file). Checks if we are allowed to
read the file and if we are not - sets ENFORCE_NODUMP. Exported,
used in places that previously open-coded the same logics.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs/exec.c')
-rw-r--r-- | fs/exec.c | 14 |
1 files changed, 11 insertions, 3 deletions
diff --git a/fs/exec.c b/fs/exec.c index 6075a1e727ae..f9f12ad299af 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -1105,6 +1105,13 @@ out: } EXPORT_SYMBOL(flush_old_exec); +void would_dump(struct linux_binprm *bprm, struct file *file) +{ + if (inode_permission(file->f_path.dentry->d_inode, MAY_READ) < 0) + bprm->interp_flags |= BINPRM_FLAGS_ENFORCE_NONDUMP; +} +EXPORT_SYMBOL(would_dump); + void setup_new_exec(struct linux_binprm * bprm) { int i, ch; @@ -1144,9 +1151,10 @@ void setup_new_exec(struct linux_binprm * bprm) if (bprm->cred->uid != current_euid() || bprm->cred->gid != current_egid()) { current->pdeath_signal = 0; - } else if (file_permission(bprm->file, MAY_READ) || - bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP) { - set_dumpable(current->mm, suid_dumpable); + } else { + would_dump(bprm, bprm->file); + if (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP) + set_dumpable(current->mm, suid_dumpable); } /* |