| Kernel v2.1.100 /fs/open.c |
|---|
  2.1.100
fs
 open.c
diff -u --recursive --new-file v2.1.99/linux/fs/open.c linux/fs/open.c
--- v2.1.99/linux/fs/open.c Tue Mar 17 22:18:15 1998
+++ linux/fs/open.c Wed May 6 12:50:40 1998
@@ -285,12 +285,14 @@
/*
* access() needs to use the real uid/gid, not the effective uid/gid.
- * We do this by temporarily setting fsuid/fsgid to the wanted values
+ * We do this by temporarily clearing all FS-related capabilities and
+ * switching the fsuid/fsgid around to the real ones.
*/
asmlinkage int sys_access(const char * filename, int mode)
{
struct dentry * dentry;
int old_fsuid, old_fsgid;
+ kernel_cap_t old_cap;
int res = -EINVAL;
lock_kernel();
@@ -298,9 +300,15 @@
goto out;
old_fsuid = current->fsuid;
old_fsgid = current->fsgid;
+ old_cap = current->cap_effective;
+
current->fsuid = current->uid;
current->fsgid = current->gid;
+ /* Clear the capabilities if we switch to a non-root user */
+ if (current->uid)
+ cap_clear(current->cap_effective);
+
dentry = namei(filename);
res = PTR_ERR(dentry);
if (!IS_ERR(dentry)) {
@@ -310,6 +318,7 @@
current->fsuid = old_fsuid;
current->fsgid = old_fsgid;
+ current->cap_effective = old_cap;
out:
unlock_kernel();
return res;
@@ -411,7 +420,7 @@
goto dput_and_out;
error = -EPERM;
- if (!fsuser())
+ if (!capable(CAP_SYS_CHROOT))
goto dput_and_out;
/* exchange dentries */
@@ -833,7 +842,7 @@
int ret = -EPERM;
lock_kernel();
- if (!suser())
+ if (!capable(CAP_SYS_TTY_CONFIG))
goto out;
/* If there is a controlling tty, hang it up */
if (current->tty)
|
![[ Register ]](/images/navbar/register.gif){kind=small}
![[ About us ]](/images/navbar/about.gif){kind=small}
![[ Home Page ]](/images/navbar/homepage.gif){kind=small}
![[ Kernel ]](/images/navbar/kernel.gif){kind=small}
![[ Documentation ]](/images/navbar/documentation.gif){kind=small}
![[ Links ]](/images/navbar/links.gif){kind=small}
![[ Books ]](/images/navbar/books.gif){kind=small}
