summaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@g5.osdl.org>2006-07-14 16:51:34 -0700
committerLinus Torvalds <torvalds@g5.osdl.org>2006-07-14 16:51:34 -0700
commit18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3 (patch)
treeb1a9c89bc546a71924ed7253f2f27afdeb82d297 /fs
parentab6cf0d0cb96417ef65cc2c2120c0e879edf7a4a (diff)
downloadlinux-18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3.tar.gz
linux-18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3.tar.bz2
linux-18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3.zip
Fix nasty /proc vulnerability
We have a bad interaction with both the kernel and user space being able to change some of the /proc file status. This fixes the most obvious part of it, but I expect we'll also make it harder for users to modify even their "own" files in /proc. Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'fs')
-rw-r--r--fs/proc/base.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 243a94af0427..0cb8f20d000c 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1338,6 +1338,7 @@ static int pid_revalidate(struct dentry *dentry, struct nameidata *nd)
} else {
inode->i_uid = 0;
inode->i_gid = 0;
+ inode->i_mode = 0;
}
security_task_to_inode(task, inode);
put_task_struct(task);