1756d7994a
cgroup process migration permission checks are performed at write time as
whether a given operation is allowed or not is dependent on the content of
the write - the PID. This currently uses current's credentials which is a
potential security weakness as it may allow scenarios where a less
privileged process tricks a more privileged one into writing into a fd that
it created.
This patch makes both cgroup2 and cgroup1 process migration interfaces to
use the credentials saved at the time of open (file->f_cred) instead of
current's.
Reported-by: "Eric W. Biederman" <ebiederm@xmission.com>
Suggested-by: Linus Torvalds <torvalds@linuxfoundation.org>
Fixes:
|
||
|---|---|---|
| .. | ||
| cgroup-internal.h | ||
| cgroup-v1.c | ||
| cgroup.c | ||
| cpuset.c | ||
| debug.c | ||
| freezer.c | ||
| legacy_freezer.c | ||
| Makefile | ||
| misc.c | ||
| namespace.c | ||
| pids.c | ||
| rdma.c | ||
| rstat.c | ||