From: Kees Cook on 13 Jul 2010 18:40 The inode_follow_link LSM hook is called in bind mount situations as well as for symlink situations, so we must explicitly check for the inode being a symlink to not reject bind mounts in 1777 directories, which seems to be a common NFSv4 configuration. Signed-off-by: Kees Cook <kees.cook(a)canonical.com> --- security/yama/yama_lsm.c | 4 ++++ 1 files changed, 4 insertions(+), 0 deletions(-) diff --git a/security/yama/yama_lsm.c b/security/yama/yama_lsm.c index 3b76386..c70eb10 100644 --- a/security/yama/yama_lsm.c +++ b/security/yama/yama_lsm.c @@ -116,6 +116,10 @@ static int yama_inode_follow_link(struct dentry *dentry, if (!protected_sticky_symlinks) return 0; + /* if inode isn't a symlink, don't try to evaluate blocking it */ + if (!S_ISLNK(inode->i_mode)) + return 0; + /* owner and follower match? */ cred = current_cred(); inode = dentry->d_inode; -- 1.7.1 -- Kees Cook Ubuntu Security Team
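Review bot: the added S_ISLNK(inode->i_mode) test in yama_inode_follow_link() reads inode before the function assigns it; the trailing context shows "inode = dentry->d_inode;" only after the new lines, following "cred = current_cred();". Unless inode is initialized at its declaration (not visible in this hunk), the check dereferences an unset pointer whenever protected_sticky_symlinks is enabled. Move the new block below the "inode = dentry->d_inode;" assignment, or test dentry->d_inode->i_mode directly, so the bind-mount exemption is evaluated against the inode actually being followed.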