mirror of
https://github.com/torvalds/linux.git
synced 2024-12-29 06:12:08 +00:00
073931017b
When file permissions are modified via chmod(2) and the user is not in the owning group or capable of CAP_FSETID, the setgid bit is cleared in inode_change_ok(). Setting a POSIX ACL via setxattr(2) sets the file permissions as well as the new ACL, but doesn't clear the setgid bit in a similar way; this allows to bypass the check in chmod(2). Fix that. References: CVE-2016-7097 Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Jan Kara <jack@suse.cz> Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com> |
||
---|---|---|
.. | ||
acl.c | ||
acl.h | ||
cache.c | ||
cache.h | ||
fid.c | ||
fid.h | ||
Kconfig | ||
Makefile | ||
v9fs_vfs.h | ||
v9fs.c | ||
v9fs.h | ||
vfs_addr.c | ||
vfs_dentry.c | ||
vfs_dir.c | ||
vfs_file.c | ||
vfs_inode_dotl.c | ||
vfs_inode.c | ||
vfs_super.c | ||
xattr.c | ||
xattr.h |