summaryrefslogtreecommitdiff
path: root/kernel/auditsc.c
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2013-05-24 09:49:14 -0400
committerEric Paris <eparis@redhat.com>2013-11-05 11:08:09 -0500
commit81407c84ace88368ff23abb81caaeacf050c8450 (patch)
tree16073582364ac97b798010640da348a68460b73d /kernel/auditsc.c
parent83fa6bbe4c4541ae748b550b4ec391f8a0acfe94 (diff)
downloadlwn-81407c84ace88368ff23abb81caaeacf050c8450.tar.gz
lwn-81407c84ace88368ff23abb81caaeacf050c8450.zip
audit: allow unsetting the loginuid (with priv)
If a task has CAP_AUDIT_CONTROL allow that task to unset their loginuid. This would allow a child of that task to set their loginuid without CAP_AUDIT_CONTROL. Thus when launching a new login daemon, a priviledged helper would be able to unset the loginuid and then the daemon, which may be malicious user facing, do not need priv to function correctly. Signed-off-by: Eric Paris <eparis@redhat.com> Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'kernel/auditsc.c')
-rw-r--r--kernel/auditsc.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index b55788bf1607..c75d7813aef2 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -2019,7 +2019,9 @@ int audit_set_loginuid(kuid_t loginuid)
if (rc)
goto out;
- sessionid = atomic_inc_return(&session_id);
+ /* are we setting or clearing? */
+ if (uid_valid(loginuid))
+ sessionid = atomic_inc_return(&session_id);
task->sessionid = sessionid;
task->loginuid = loginuid;