summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2020-03-16 18:21:12 +0100
committerEric W. Biederman <ebiederm@xmission.com>2020-05-20 21:44:21 +0200
commit87b047d2be417b271d80f5e490a825c6fd53ecad (patch)
tree9a238e1f1b56b7b999882eefaaae6d5b32bd6ea3 /security
parentMerge f87d1c955916 ("exec: Move would_dump into flush_old_exec") (diff)
downloadlinux-87b047d2be417b271d80f5e490a825c6fd53ecad.tar.xz
linux-87b047d2be417b271d80f5e490a825c6fd53ecad.zip
exec: Teach prepare_exec_creds how exec treats uids & gids
It is almost possible to use the result of prepare_exec_creds with no modifications during exec. Update prepare_exec_creds to initialize the suid and the fsuid to the euid, and the sgid and the fsgid to the egid. This is all that is needed to handle the common case of exec when nothing special like a setuid exec is happening. That this preserves the existing behavior of exec can be verified by examing bprm_fill_uid and cap_bprm_set_creds. This change makes it clear that the later parts of exec that update bprm->cred are just need to handle special cases such as setuid exec and change of domains. Link: https://lkml.kernel.org/r/871rng22dm.fsf_-_@x220.int.ebiederm.org Acked-by: Linus Torvalds <torvalds@linux-foundation.org> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions