Diffstat (limited to 'userns-Only-allow-the-creator-of-the-userns-unprivil.patch')
-rw-r--r--userns-Only-allow-the-creator-of-the-userns-unprivil.patch54
1 files changed, 0 insertions, 54 deletions
diff --git a/userns-Only-allow-the-creator-of-the-userns-unprivil.patch b/userns-Only-allow-the-creator-of-the-userns-unprivil.patch
deleted file mode 100644
index 8381b14e3..000000000
--- a/userns-Only-allow-the-creator-of-the-userns-unprivil.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From: "Eric W. Biederman" <ebiederm@xmission.com>
-Date: Wed, 26 Nov 2014 23:22:14 -0600
-Subject: [PATCH] userns: Only allow the creator of the userns unprivileged
- mappings
-
-If you did not create the user namespace and are allowed
-to write to uid_map or gid_map you should already have the necessary
-privilege in the parent user namespace to establish any mapping
-you want so this will not affect userspace in practice.
-
-Limiting unprivileged uid mapping establishment to the creator of the
-user namespace makes it easier to verify all credentials obtained with
-the uid mapping can be obtained without the uid mapping without
-privilege.
-
-Limiting unprivileged gid mapping establishment (which is temporarily
-absent) to the creator of the user namespace also ensures that the
-combination of uid and gid can already be obtained without privilege.
-
-This is part of the fix for CVE-2014-8989.
-
-Cc: stable@vger.kernel.org
-Reviewed-by: Andy Lutomirski <luto@amacapital.net>
-Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
----
- kernel/user_namespace.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
-index 9451b12a9b6c..1e34de2fbd60 100644
---- a/kernel/user_namespace.c
-+++ b/kernel/user_namespace.c
-@@ -812,14 +812,16 @@ static bool new_idmap_permitted(const struct file *file,
- struct user_namespace *ns, int cap_setid,
- struct uid_gid_map *new_map)
- {
-+ const struct cred *cred = file->f_cred;
- /* Don't allow mappings that would allow anything that wouldn't
- * be allowed without the establishment of unprivileged mappings.
- */
-- if ((new_map->nr_extents == 1) && (new_map->extent[0].count == 1)) {
-+ if ((new_map->nr_extents == 1) && (new_map->extent[0].count == 1) &&
-+ uid_eq(ns->owner, cred->euid)) {
- u32 id = new_map->extent[0].lower_first;
- if (cap_setid == CAP_SETUID) {
- kuid_t uid = make_kuid(ns->parent, id);
-- if (uid_eq(uid, file->f_cred->euid))
-+ if (uid_eq(uid, cred->euid))
- return true;
- }
- }
---
-2.1.0
-