OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/fs/9p
History
Jan Kara 073931017b posix_acl: Clear SGID bit when setting file permissions 
When file permissions are modified via chmod(2) and the user is not in
the owning group or capable of CAP_FSETID, the setgid bit is cleared in
inode_change_ok().  Setting a POSIX ACL via setxattr(2) sets the file
permissions as well as the new ACL, but doesn't clear the setgid bit in
a similar way; this allows to bypass the check in chmod(2).  Fix that.

References: CVE-2016-7097
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
 		2016-09-22 10:55:32 +02:00
..
Kconfig
Makefile
acl.c posix_acl: Clear SGID bit when setting file permissions 2016-09-22 10:55:32 +02:00
acl.h
cache.c fs/9p: use fscache mutex rather than spinlock 2016-01-09 02:57:21 -05:00
cache.h
fid.c 9p: use clone_fid() 2016-08-03 11:12:12 -04:00
fid.h 9p: use clone_fid() 2016-08-03 11:12:12 -04:00
v9fs.c kmemcg: account certain kmem allocations to memcg 2016-01-14 16:00:49 -08:00
v9fs.h fs/9p: use fscache mutex rather than spinlock 2016-01-09 02:57:21 -05:00
v9fs_vfs.h
vfs_addr.c missed comment updates from ->direct_IO() prototype change 2016-05-29 19:05:03 -04:00
vfs_dentry.c
vfs_dir.c 9p: switch to ->iterate_shared() 2016-05-09 11:41:16 -04:00
vfs_file.c 9p: use file_dentry() 2016-06-30 23:28:09 -04:00
vfs_inode.c 9p: use clone_fid() 2016-08-03 11:12:12 -04:00
vfs_inode_dotl.c 9p: use clone_fid() 2016-08-03 11:12:12 -04:00
vfs_super.c mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros 2016-04-04 10:41:08 -07:00
xattr.c 9p: use clone_fid() 2016-08-03 11:12:12 -04:00
xattr.h