mirror of
https://mirrors.bfsu.edu.cn/git/linux.git
synced 2024-11-11 21:38:32 +08:00
073931017b
When file permissions are modified via chmod(2) and the user is not in the owning group or capable of CAP_FSETID, the setgid bit is cleared in inode_change_ok(). Setting a POSIX ACL via setxattr(2) sets the file permissions as well as the new ACL, but doesn't clear the setgid bit in a similar way; this allows to bypass the check in chmod(2). Fix that. References: CVE-2016-7097 Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Jan Kara <jack@suse.cz> Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com> |
||
---|---|---|
.. | ||
acl.c | ||
addr.c | ||
cache.c | ||
cache.h | ||
caps.c | ||
ceph_frag.c | ||
debugfs.c | ||
dir.c | ||
export.c | ||
file.c | ||
inode.c | ||
ioctl.c | ||
ioctl.h | ||
Kconfig | ||
locks.c | ||
Makefile | ||
mds_client.c | ||
mds_client.h | ||
mdsmap.c | ||
snap.c | ||
strings.c | ||
super.c | ||
super.h | ||
xattr.c |