[PATCH 1/1] file capabilities: remove the non-matching uid special case for kill

From: Serge E . Hallyn
Date: Thu Nov 01 2007 - 09:20:12 EST


There I went again having one patch do two (related) things.

Remove the special check I had added to cap_task_kill() for
non-matching uids. In fact it turns out the check wouldn't be
safe even if I'd coded it correctly. A binary can be setuid
and owned by a non-root user user1, have file capabilities, and
be executed by user2.

Signed-off-by: Serge E. Hallyn <serue@xxxxxxxxxx>
---
security/commoncap.c | 5 -----
1 files changed, 0 insertions(+), 5 deletions(-)

diff --git a/security/commoncap.c b/security/commoncap.c
index f04784a..302e8d0 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -526,11 +526,6 @@ int cap_task_kill(struct task_struct *p, struct siginfo *info,
if (info != SEND_SIG_NOINFO && (is_si_special(info) || SI_FROMKERNEL(info)))
return 0;

- /* if tasks have same uid, then check_kill_permission did check */
- if (current->uid == p->uid || current->euid == p->uid ||
- current->uid == p->suid || current->euid == p->suid)
- return 0;
-
/* sigcont is permitted within same session */
if (sig == SIGCONT && (task_session_nr(current) == task_session_nr(p)))
return 0;
--
1.5.1.1.GIT

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/