Diffstat (limited to 'CVE-2018-13405.patch')
-rw-r--r-- | CVE-2018-13405.patch | 47 |
1 files changed, 0 insertions, 47 deletions
diff --git a/CVE-2018-13405.patch b/CVE-2018-13405.patch
deleted file mode 100644
index 489e11f54..000000000
--- a/CVE-2018-13405.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7 Mon Sep 17 00:00:00 2001
-From: Linus Torvalds <torvalds@linux-foundation.org>
-Date: Tue, 3 Jul 2018 17:10:19 -0700
-Subject: [PATCH] Fix up non-directory creation in SGID directories
-
-sgid directories have special semantics, making newly created files in
-the directory belong to the group of the directory, and newly created
-subdirectories will also become sgid. This is historically used for
-group-shared directories.
-
-But group directories writable by non-group members should not imply
-that such non-group members can magically join the group, so make sure
-to clear the sgid bit on non-directories for non-members (but remember
-that sgid without group execute means "mandatory locking", just to
-confuse things even more).
-
-Reported-by: Jann Horn <jannh@google.com>
-Cc: Andy Lutomirski <luto@kernel.org>
-Cc: Al Viro <viro@zeniv.linux.org.uk>
-Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-Signed-off-by: Jeremy Cline <jcline@redhat.com>
----
- fs/inode.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/fs/inode.c b/fs/inode.c
-index 2c300e981796..8c86c809ca17 100644
---- a/fs/inode.c
-+++ b/fs/inode.c
-@@ -1999,8 +1999,14 @@ void inode_init_owner(struct inode *inode, const struct inode *dir,
- inode->i_uid = current_fsuid();
- if (dir && dir->i_mode & S_ISGID) {
- inode->i_gid = dir->i_gid;
-+
-+ /* Directories are special, and always inherit S_ISGID */
- if (S_ISDIR(mode))
- mode |= S_ISGID;
-+ else if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP) &&
-+ !in_group_p(inode->i_gid) &&
-+ !capable_wrt_inode_uidgid(dir, CAP_FSETID))
-+ mode &= ~S_ISGID;
- } else
- inode->i_gid = current_fsgid();
- inode->i_mode = mode;
---
-2.17.1
-
|