This is the third in a series of seven patches to the BSD Secure
Levels LSM. It allows setuid and setgid on directories. It also
disallows the creation of setuid/setgid executables via open or mknod.
Thanks to Brad Spengler for the suggestion.
Signed off by: Michael Halcrow <[email protected]>
Index: linux-2.6.12-rc4-mm2-seclvl/security/seclvl.c
===================================================================
--- linux-2.6.12-rc4-mm2-seclvl.orig/security/seclvl.c 2005-05-16 16:27:27.000000000 -0500
+++ linux-2.6.12-rc4-mm2-seclvl/security/seclvl.c 2005-05-16 16:28:19.000000000 -0500
@@ -540,7 +540,11 @@
static int seclvl_inode_setattr(struct dentry *dentry, struct iattr *iattr)
{
if (seclvl > 0) {
- if (iattr->ia_valid & ATTR_MODE)
+ if (dentry && dentry->d_inode
+ && S_ISDIR(dentry->d_inode->i_mode)) {
+ return 0;
+ }
+ if (iattr && iattr->ia_valid & ATTR_MODE)
if (iattr->ia_mode & S_ISUID ||
iattr->ia_mode & S_ISGID) {
seclvl_printk(1, KERN_WARNING "%s: Attempt to "
@@ -554,6 +558,36 @@
}
/**
+ * Prevent an end-run around the inode_setattr control.
+ */
+static int seclvl_inode_mknod(struct inode *inode, struct dentry *dentry,
+ int mode, dev_t dev)
+{
+ if (seclvl > 0 && (mode & 02000 || mode & 04000)) {
+ seclvl_printk(1, KERN_WARNING "%s: Attempt to mknod with suid "
+ "or guid bit set in seclvl [%d]\n", __FUNCTION__,
+ seclvl);
+ return -EPERM;
+ }
+ return 0;
+}
+
+/**
+ * Prevent an end-run around the inode_setattr control.
+ */
+static int
+seclvl_inode_create(struct inode *inode, struct dentry *dentry, int mask)
+{
+ if (seclvl > 0 && (mask & 02000 || mask & 04000)) {
+ seclvl_printk(1, KERN_WARNING "%s: Attempt to "
+ "create inode with suid or guid bit set in "
+ "seclvl [%d]\n", __FUNCTION__, seclvl);
+ return -EPERM;
+ }
+ return 0;
+}
+
+/**
* Release busied block devices.
*/
static void seclvl_file_free_security(struct file *filp)
@@ -594,6 +628,8 @@
.capable = seclvl_capable,
.file_permission = seclvl_file_permission,
.inode_setattr = seclvl_inode_setattr,
+ .inode_mknod = seclvl_inode_mknod,
+ .inode_create = seclvl_inode_create,
.file_free_security = seclvl_file_free_security,
.settime = seclvl_settime,
.sb_umount = seclvl_umount,
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]