Re: [PATCH][LSM] setfsuid/setgsuid bug fix 4/4

Chris Wright (chris@wirex.com)
Fri, 13 Jun 2003 00:22:24 -0700


Patch from Jakub Jelínek <jakub@redhat.com>

[LSM] make sure setfsuid/setfsgid return values are right. Before
include/linux/security.h was added, setfsuid/setfsgid always returned
old_fsuid, no matter if the fsuid was actually changed or not. With
the default security ops it seems to do the same, because both
security_task_setuid and security_task_post_setuid return 0, but
these are hooks which seem to return 0 on success, -errno on failure,
so if some non-default security hook is installed and ever returns
-errno in setfsuid/setfsgid, -errno will be returned from the syscall
instead of the expected old_fsuid. This makes it hard to distinguish
uids 0xfffff001 .. 0xffffffff from errors of security hooks.

--- linus-2.5/kernel/sys.c.setfsuid Thu Jun 12 22:53:14 2003
+++ linus-2.5/kernel/sys.c Thu Jun 12 22:53:14 2003
@@ -831,13 +831,11 @@
asmlinkage long sys_setfsuid(uid_t uid)
{
int old_fsuid;
- int retval;
-
- retval = security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS);
- if (retval)
- return retval;

old_fsuid = current->fsuid;
+ if (security_task_setuid(uid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS))
+ return old_fsuid;
+
if (uid == current->uid || uid == current->euid ||
uid == current->suid || uid == current->fsuid ||
capable(CAP_SETUID))
@@ -850,9 +848,7 @@
current->fsuid = uid;
}

- retval = security_task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS);
- if (retval)
- return retval;
+ security_task_post_setuid(old_fsuid, (uid_t)-1, (uid_t)-1, LSM_SETID_FS);

return old_fsuid;
}
@@ -863,13 +859,11 @@
asmlinkage long sys_setfsgid(gid_t gid)
{
int old_fsgid;
- int retval;
-
- retval = security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_FS);
- if (retval)
- return retval;

old_fsgid = current->fsgid;
+ if (security_task_setgid(gid, (gid_t)-1, (gid_t)-1, LSM_SETID_FS))
+ return old_fsgid;
+
if (gid == current->gid || gid == current->egid ||
gid == current->sgid || gid == current->fsgid ||
capable(CAP_SETGID))
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/