proc: Check /proc/$pid/attr/ writes against file opener - kernel/linux.git

diff options

author	Kees Cook <keescook@chromium.org>	2021-05-25 22:37:35 +0300
committer	Linus Torvalds <torvalds@linux-foundation.org>	2021-05-25 23:24:41 +0300
commit	bfb819ea20ce8bbeeba17e1a6418bf8bda91fc28 (patch)
tree	d5327bdc0a2bb41db9968c7937810d40875b090a /net/core
parent	ad9f25d338605d26acedcaf3ba5fab5ca26f1c10 (diff)
download	linux-bfb819ea20ce8bbeeba17e1a6418bf8bda91fc28.tar.xz

proc: Check /proc/$pid/attr/ writes against file opener

Fix another "confused deputy" weakness[1]. Writes to /proc/$pid/attr/ files need to check the opener credentials, since these fds do not transition state across execve(). Without this, it is possible to trick another process (which may have different credentials) to write to its own /proc/$pid/attr/ files, leading to unexpected and possibly exploitable behaviors. [1] https://www.kernel.org/doc/html/latest/security/credentials.html?highlight=confused#open-file-credentials Fixes: 1da177e4c3f41 ("Linux-2.6.12-rc2") Cc: stable@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Diffstat (limited to 'net/core')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: