forked from luck/tmp_suning_uos_patched
073931017b
When file permissions are modified via chmod(2) and the user is not in the owning group or capable of CAP_FSETID, the setgid bit is cleared in inode_change_ok(). Setting a POSIX ACL via setxattr(2) sets the file permissions as well as the new ACL, but doesn't clear the setgid bit in a similar way; this allows to bypass the check in chmod(2). Fix that. References: CVE-2016-7097 Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Jan Kara <jack@suse.cz> Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com> |
||
|---|---|---|
| .. | ||
| acl.h | ||
| attributes.c | ||
| bfind.c | ||
| bitmap.c | ||
| bnode.c | ||
| brec.c | ||
| btree.c | ||
| catalog.c | ||
| dir.c | ||
| extents.c | ||
| hfsplus_fs.h | ||
| hfsplus_raw.h | ||
| inode.c | ||
| ioctl.c | ||
| Kconfig | ||
| Makefile | ||
| options.c | ||
| part_tbl.c | ||
| posix_acl.c | ||
| super.c | ||
| tables.c | ||
| unicode.c | ||
| wrapper.c | ||
| xattr_security.c | ||
| xattr_trusted.c | ||
| xattr_user.c | ||
| xattr.c | ||
| xattr.h | ||