Re: [PATCH] fs: clear file set[ug]id when writing via mmap

2015-12-02 Thread Kees Cook
On Mon, Nov 23, 2015 at 4:26 AM, Jan Kara wrote: > On Thu 19-11-15 16:10:43, Kees Cook wrote: >> Normally, when a user can modify a file that has setuid or setgid bits, >> those bits are cleared when they are not the file owner or a member of the >> group. This is enforced when using write() direc

Re: [PATCH] fs: clear file set[ug]id when writing via mmap

2015-11-23 Thread Eric W. Biederman
Jan Kara writes: > On Thu 19-11-15 16:10:43, Kees Cook wrote: >> Normally, when a user can modify a file that has setuid or setgid bits, >> those bits are cleared when they are not the file owner or a member of the >> group. This is enforced when using write() directly but not when writing >> to

Re: [PATCH] fs: clear file set[ug]id when writing via mmap

2015-11-23 Thread Jan Kara
On Thu 19-11-15 16:10:43, Kees Cook wrote: > Normally, when a user can modify a file that has setuid or setgid bits, > those bits are cleared when they are not the file owner or a member of the > group. This is enforced when using write() directly but not when writing > to a shared mmap on the file

Re: [PATCH] fs: clear file set[ug]id when writing via mmap

2015-11-19 Thread Willy Tarreau
On Thu, Nov 19, 2015 at 05:03:15PM -0800, Kees Cook wrote: > On Thu, Nov 19, 2015 at 5:00 PM, Willy Tarreau wrote: > > Hi Kees, > > > > On Thu, Nov 19, 2015 at 04:10:43PM -0800, Kees Cook wrote: > >> Normally, when a user can modify a file that has setuid or setgid bits, > >> those bits are cleare

Re: [PATCH] fs: clear file set[ug]id when writing via mmap

2015-11-19 Thread Kees Cook
On Thu, Nov 19, 2015 at 5:00 PM, Willy Tarreau wrote: > Hi Kees, > > On Thu, Nov 19, 2015 at 04:10:43PM -0800, Kees Cook wrote: >> Normally, when a user can modify a file that has setuid or setgid bits, >> those bits are cleared when they are not the file owner or a member of the >> group. This is

Re: [PATCH] fs: clear file set[ug]id when writing via mmap

2015-11-19 Thread Willy Tarreau
On Fri, Nov 20, 2015 at 02:00:16AM +0100, Willy Tarreau wrote: > > diff --git a/mm/memory.c b/mm/memory.c > > index deb679c31f2a..4c970a4e0057 100644 > > --- a/mm/memory.c > > +++ b/mm/memory.c > > @@ -2036,6 +2036,7 @@ static inline int wp_page_reuse(struct mm_struct *mm, > > > > if

Re: [PATCH] fs: clear file set[ug]id when writing via mmap

2015-11-19 Thread Willy Tarreau
Hi Kees, On Thu, Nov 19, 2015 at 04:10:43PM -0800, Kees Cook wrote: > Normally, when a user can modify a file that has setuid or setgid bits, > those bits are cleared when they are not the file owner or a member of the > group. This is enforced when using write() directly but not when writing > to

Re: [PATCH] fs: clear file set[ug]id when writing via mmap

2015-11-19 Thread Kees Cook
On Thu, Nov 19, 2015 at 4:41 PM, Andrew Morton wrote: > On Thu, 19 Nov 2015 16:10:43 -0800 Kees Cook wrote: > >> Normally, when a user can modify a file that has setuid or setgid bits, >> those bits are cleared when they are not the file owner or a member of the >> group. This is enforced when us

Re: [PATCH] fs: clear file set[ug]id when writing via mmap

2015-11-19 Thread Andrew Morton
On Thu, 19 Nov 2015 16:10:43 -0800 Kees Cook wrote: > Normally, when a user can modify a file that has setuid or setgid bits, > those bits are cleared when they are not the file owner or a member of the > group. This is enforced when using write() directly but not when writing > to a shared mmap

[PATCH] fs: clear file set[ug]id when writing via mmap

2015-11-19 Thread Kees Cook
Normally, when a user can modify a file that has setuid or setgid bits, those bits are cleared when they are not the file owner or a member of the group. This is enforced when using write() directly but not when writing to a shared mmap on the file. This could allow the file writer to gain privileg