• Andrew G. Morgan's avatar
    Fix filesystem capability support · a6dbb1ef
    Andrew G. Morgan authored
    In linux-2.6.24-rc1, security/commoncap.c:cap_inh_is_capped() was
    introduced. It has the exact reverse of its intended behavior. This
    led to an unintended privilege esculation involving a process'
    inheritable capability set.
    
    To be exposed to this bug, you need to have Filesystem Capabilities
    enabled and in use. That is:
    
    - CONFIG_SECURITY_FILE_CAPABILITIES must be defined for the buggy code
      to be compiled in.
    
    - You also need to have files on your system marked with fI bits raised.
    Signed-off-by: default avatarAndrew G. Morgan <morgan@kernel.org>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@akpm@linux-foundation.org>
    a6dbb1ef
commoncap.c 15.2 KB