[PATCH 0/2] setgid hardening

From: Andy Lutomirski
Date: Wed Jan 25 2017 - 16:07:08 EST

Next message: Andy Lutomirski: "[PATCH 1/2] fs: Check f_cred instead of current's creds in should_remove_suid()"
Previous message: Uwe Kleine-König: "Re: [PATCH v10 2/5] i2c: Add STM32F4 I2C driver"
Next in thread: Andy Lutomirski: "[PATCH 1/2] fs: Check f_cred instead of current's creds in should_remove_suid()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The kernel has some dangerous behavior involving the creation and
modification of setgid executables. These issues aren't kernel
security bugs per se, but they have been used to turn various
filesystem permission oddities into reliably privilege escalation
exploits.

See http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/
for a nice writeup.

Let's fix them for real.

Andy Lutomirski (2):
fs: Check f_cred instead of current's creds in should_remove_suid()
fs: Harden against open(..., O_CREAT, 02777) in a setgid directory

fs/inode.c | 37 ++++++++++++++++++++++++++++++-------
fs/internal.h | 2 +-
fs/ocfs2/file.c | 4 ++--
fs/open.c | 2 +-
include/linux/fs.h | 2 +-
5 files changed, 35 insertions(+), 12 deletions(-)

--
2.9.3

Next message: Andy Lutomirski: "[PATCH 1/2] fs: Check f_cred instead of current's creds in should_remove_suid()"
Previous message: Uwe Kleine-König: "Re: [PATCH v10 2/5] i2c: Add STM32F4 I2C driver"
Next in thread: Andy Lutomirski: "[PATCH 1/2] fs: Check f_cred instead of current's creds in should_remove_suid()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]