diff options
author | Kees Cook <kees.cook@canonical.com> | 2009-11-08 09:37:00 -0800 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@suse.de> | 2010-04-01 15:58:16 -0700 |
commit | c907edc64f5ccc35c81b44fd0444646ba97edfc4 (patch) | |
tree | df962f81b6173507572b6ada5f9ffc8aadea3770 /security | |
parent | a6c4c1c5057d956af87679861f5eeb80c72e3a5e (diff) | |
download | lwn-c907edc64f5ccc35c81b44fd0444646ba97edfc4.tar.gz lwn-c907edc64f5ccc35c81b44fd0444646ba97edfc4.zip |
sysctl: require CAP_SYS_RAWIO to set mmap_min_addr
commit 0e1a6ef2dea88101b056b6d9984f3325c5efced3 upstream.
Currently the mmap_min_addr value can only be bypassed during mmap when
the task has CAP_SYS_RAWIO. However, the mmap_min_addr sysctl value itself
can be adjusted to 0 if euid == 0, allowing a bypass without CAP_SYS_RAWIO.
This patch adds a check for the capability before allowing mmap_min_addr to
be changed.
Signed-off-by: Kees Cook <kees.cook@canonical.com>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'security')
-rw-r--r-- | security/min_addr.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/security/min_addr.c b/security/min_addr.c index c844eed7915d..fc43c9d37084 100644 --- a/security/min_addr.c +++ b/security/min_addr.c @@ -33,6 +33,9 @@ int mmap_min_addr_handler(struct ctl_table *table, int write, { int ret; + if (!capable(CAP_SYS_RAWIO)) + return -EPERM; + ret = proc_doulongvec_minmax(table, write, buffer, lenp, ppos); update_mmap_min_addr(); |