linux/include
Eric W. Biederman f84df2a6f2 exec: Ensure mm->user_ns contains the execed files
When the user namespace support was merged the need to prevent
ptrace from revealing the contents of an unreadable executable
was overlooked.

Correct this oversight by ensuring that the executed file
or files are in mm->user_ns, by adjusting mm->user_ns.

Use the new function privileged_wrt_inode_uidgid to see if
the executable is a member of the user namespace, and as such
if having CAP_SYS_PTRACE in the user namespace should allow
tracing the executable.  If not, update mm->user_ns to
the parent user namespace until an appropriate parent is found.

Cc: stable@vger.kernel.org
Reported-by: Jann Horn <jann@thejh.net>
Fixes: 9e4a36ece6 ("userns: Fail exec for suid and sgid binaries with ids outside our user namespace.")
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
2016-11-22 13:21:00 -06:00
acpi Merge branches 'acpica-fixes', 'acpi-cppc-fixes' and 'acpi-tools-fixes' 2016-11-18 21:34:42 +01:00
asm-generic mm: kmemleak: scan .data.ro_after_init 2016-11-11 08:12:37 -08:00
clocksource
crypto
drm
dt-bindings
keys
kvm
linux exec: Ensure mm->user_ns contains the execed files 2016-11-22 13:21:00 -06:00
math-emu
media
memory
misc
net tcp: take care of truncations done by sk_filter() 2016-11-13 12:30:02 -05:00
pcmcia
ras
rdma
rxrpc
scsi
soc
sound
target
trace
uapi KVM fixes for v4.9-rc6 2016-11-19 13:31:40 -08:00
video
xen
Kbuild