Yes, that test is definitely wrong. It should be the same test used
in prepare_binprm a few lines up for testing whether the executable
has "raised" capabilities. That is, test whether the new process'
permitted set has gained any bits over the previous process' permitted
set. Here's a patch cleaning up this function:
--- linux.patched/fs/exec.c.orig Tue Jul 28 11:23:24 1998
+++ linux.patched/fs/exec.c Tue Jul 28 11:35:31 1998
@@ -687,26 +687,31 @@
void compute_creds(struct linux_binprm *bprm)
{
+ current->suid = current->euid = current->fsuid = bprm->e_uid;
+ current->sgid = current->egid = current->fsgid = bprm->e_gid;
+
/* For init, we want to retain the capabilities set
* in the init_task struct. Thus we skip the usual
* capability rules */
if (current->pid != 1) {
- int new_permitted = bprm->cap_permitted.cap |
- (bprm->cap_inheritable.cap &
- current->cap_inheritable.cap);
+ kernel_cap_t new_permitted =
+ cap_combine(bprm->cap_permitted,
+ cap_intersect(bprm->cap_inheritable,
+ current->cap_inheritable));
+
+ /* Clear dumpable if suid-exec or we got some new
+ capabilities */
+ if (current->euid != current->uid ||
+ current->egid != current->gid ||
+ !cap_issubset(new_permitted, current->cap_permitted)) {
+ current->dumpable = 0;
+ }
- current->cap_permitted.cap = new_permitted;
- current->cap_effective.cap = new_permitted &
- bprm->cap_effective.cap;
+ current->cap_permitted = new_permitted;
+ current->cap_effective = cap_intersect(new_permitted,
+ bprm->cap_effective);
}
-
/* AUD: Audit candidate if current->cap_effective is set */
-
- current->suid = current->euid = current->fsuid = bprm->e_uid;
- current->sgid = current->egid = current->fsgid = bprm->e_gid;
- if (current->euid != current->uid || current->egid != current->gid ||
- !cap_isclear(current->cap_permitted))
- current->dumpable = 0;
}
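Review bot: The uid/gid half of the dumpable test now sits inside `if (current->pid != 1)`, whereas the removed lines ran it unconditionally after that block, so an exec by pid 1 that ends with euid != uid or egid != gid no longer clears `current->dumpable`. The description only mentions changing the capability test, so this looks unintended; I would leave just `if (!cap_issubset(new_permitted, current->cap_permitted)) current->dumpable = 0;` inside the block and keep `if (current->euid != current->uid || current->egid != current->gid) current->dumpable = 0;` after it. The subset test is only correct because it runs before `current->cap_permitted = new_permitted;`, so a comment such as `/* must compare against the pre-exec permitted set, i.e. before it is overwritten below */` would guard against a later reordering. The function only ever clears dumpable; presumably it is set earlier in the exec path, which is not visible in this hunk.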
astor
-- Alexander Kjeldaas, Guardian Networks AS, Trondheim, Norway http://www.guardian.no/