diff options
author | Alan Cox <alan@lxorguk.ukuu.org.uk> | 2007-04-17 07:53:13 +0200 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-04-18 01:36:26 +0200 |
commit | c4bbafda70a0fc95c6595bffd6825ef264050d01 (patch) | |
tree | 92860180bea4f2e1fd515432bb165c7ae628d2af /security | |
parent | allow vmsplice to work in 32-bit mode on ppc64 (diff) | |
download | linux-c4bbafda70a0fc95c6595bffd6825ef264050d01.tar.xz linux-c4bbafda70a0fc95c6595bffd6825ef264050d01.zip |
exec.c: fix coredump to pipe problem and obscure "security hole"
The patch checks for "|" in the pattern not the output and doesn't nail a
pid on to a piped name (as it is a program name not a file)
Also fixes a very very obscure security corner case. If you happen to have
decided on a core pattern that starts with the program name then the user
can run a program called "|myevilhack" as it stands. I doubt anyone does
this.
Signed-off-by: Alan Cox <alan@redhat.com>
Confirmed-by: Christopher S. Aker <caker@theshore.net>
Cc: <stable@kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions