Fix nasty /proc vulnerability
authorLinus Torvalds <torvalds@g5.osdl.org>
Fri, 14 Jul 2006 23:51:34 +0000 (16:51 -0700)
committerLinus Torvalds <torvalds@g5.osdl.org>
Fri, 14 Jul 2006 23:51:34 +0000 (16:51 -0700)
We have a bad interaction with both the kernel and user space being able
to change some of the /proc file status.  This fixes the most obvious
part of it, but I expect we'll also make it harder for users to modify
even their "own" files in /proc.

Signed-off-by: Linus Torvalds <torvalds@osdl.org>
fs/proc/base.c

index 243a94a..0cb8f20 100644 (file)
@@ -1338,6 +1338,7 @@ static int pid_revalidate(struct dentry *dentry, struct nameidata *nd)
                } else {
                        inode->i_uid = 0;
                        inode->i_gid = 0;
+                       inode->i_mode = 0;
                }
                security_task_to_inode(task, inode);
                put_task_struct(task);