From: Eric W. Biederman
Date: Thu, 17 Nov 2016 07:38:35 +0000 (-0600)
Subject: exec: Don't reset euid and egid when the tracee has CAP_SETUID
X-Git-Tag: v4.14-rc1~1421^2~13
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=70169420f555210147f3cab74bb0f6debd488bdb;p=platform%2Fkernel%2Flinux-rpi.git

exec: Don't reset euid and egid when the tracee has CAP_SETUID

Don't reset euid and egid when the tracee has CAP_SETUID in its user namespace. I punted on relaxing this permission check long ago but now that I have read this code closely it is clear it is safe to test against CAP_SETUID in the user namespace.

Signed-off-by: "Eric W. Biederman"
---
diff --git a/security/commoncap.c b/security/commoncap.c index 8df676f..feb6044 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -550,7 +550,7 @@ skip: !cap_issubset(new->cap_permitted, old->cap_permitted)) && bprm->unsafe & ~LSM_UNSAFE_PTRACE_CAP) { /* downgrade; they get no more than they had, and maybe less */ - if (!capable(CAP_SETUID) || + if (!ns_capable(new->user_ns, CAP_SETUID) || (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS)) { new->euid = new->uid; new->egid = new->gid;
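
Review bot: The reasoning for the relaxed check on the changed line, "if (!ns_capable(new->user_ns, CAP_SETUID) ||", is not recorded anywhere: the commit message only says "it is clear it is safe", and the comment above it ("downgrade; they get no more than they had, and maybe less") is unchanged. With this test, a task that holds CAP_SETUID only relative to new->user_ns skips the euid/egid reset on an exec that has bits set in bprm->unsafe, where previously the capability had to be held in the initial user namespace. Please state in the commit message or in the comment why holding the capability in that namespace is sufficient here, and update the comment to say the test is made against new->user_ns. Also on these lines: the test consults CAP_SETUID alone while the branch resets egid as well as euid, so it would help to say whether leaving CAP_SETGID out is deliberate.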