proc: Check /proc/$pid/attr/ writes against file opener - linux - Linux Kernel (branches are rebased on master from time to time)

diff options

author	Kees Cook <keescook@chromium.org>	2021-05-25 12:37:35 -0700
committer	Linus Torvalds <torvalds@linux-foundation.org>	2021-05-25 10:24:41 -1000
commit	bfb819ea20ce8bbeeba17e1a6418bf8bda91fc28 (patch)
tree	d5327bdc0a2bb41db9968c7937810d40875b090a /kernel/sys_ni.c
parent	ad9f25d338605d26acedcaf3ba5fab5ca26f1c10 (diff)
download	linux-bfb819ea20ce8bbeeba17e1a6418bf8bda91fc28.tar.bz2

proc: Check /proc/$pid/attr/ writes against file opener

Fix another "confused deputy" weakness[1]. Writes to /proc/$pid/attr/ files need to check the opener credentials, since these fds do not transition state across execve(). Without this, it is possible to trick another process (which may have different credentials) to write to its own /proc/$pid/attr/ files, leading to unexpected and possibly exploitable behaviors. [1] https://www.kernel.org/doc/html/latest/security/credentials.html?highlight=confused#open-file-credentials Fixes: 1da177e4c3f41 ("Linux-2.6.12-rc2") Cc: stable@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Diffstat (limited to 'kernel/sys_ni.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: