diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2019-07-16 11:49:58 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2019-07-16 11:49:58 -0700 |
commit | 1ec4013bab89058dcc594dfe7b5a20f5d46bbc5f (patch) | |
tree | 4db305a87f3a36bea2a2296557faaec76cdfb9e6 /Documentation | |
parent | 3c69914b4c7b0b72ff0275c14743778057ee8a6e (diff) | |
parent | e10337daefecb47209fd2af5f4fab0d1a370737f (diff) |
Merge tag 'safesetid-5.3' of git://github.com/micah-morton/linux
Pull safesetid updates from Micah Morton:
"These changes from Jann Horn fix a couple issues in the recently added
SafeSetID LSM:
- There was a simple logic bug in one of the hooks for the LSM where
the code was incorrectly returning early in some cases before all
security checks had been passed.
- There was a more high level issue with how this LSM gets configured
that could allow for a program to bypass the security restrictions
by switching to an allowed UID and then again to any other UID on
the system if the target UID of the first transition is
unconstrained on the system. Luckily this is an easy fix that we
now enforce at the time the LSM gets configured.
There are also some changes from Jann that make policy updates for
this LSM atomic. Kees Cook, Jann and myself have reviewed these
changes and they look good from our point of view"
* tag 'safesetid-5.3' of git://github.com/micah-morton/linux:
LSM: SafeSetID: fix use of literal -1 in capable hook
LSM: SafeSetID: verify transitive constrainedness
LSM: SafeSetID: add read handler
LSM: SafeSetID: rewrite userspace API to atomic updates
LSM: SafeSetID: fix userns handling in securityfs
LSM: SafeSetID: refactor policy parsing
LSM: SafeSetID: refactor safesetid_security_capable()
LSM: SafeSetID: refactor policy hash table
LSM: SafeSetID: fix check for setresuid(new1, new2, new3)
LSM: SafeSetID: fix pr_warn() to include newline
Diffstat (limited to 'Documentation')
0 files changed, 0 insertions, 0 deletions