evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/fs/hfsplus
History
Jan Kara 57c9cfdb61 posix_acl: Clear SGID bit when setting file permissions 
commit 073931017b49d9458aa351605b43a7e34598caef upstream.

When file permissions are modified via chmod(2) and the user is not in
the owning group or capable of CAP_FSETID, the setgid bit is cleared in
inode_change_ok().  Setting a POSIX ACL via setxattr(2) sets the file
permissions as well as the new ACL, but doesn't clear the setgid bit in
a similar way; this allows to bypass the check in chmod(2).  Fix that.

References: CVE-2016-7097
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2016-10-31 04:13:58 -06:00
..
acl.h
attributes.c
bfind.c
bitmap.c
bnode.c hfs,hfsplus: cache pages correctly between bnode_create and bnode_free 2015-09-10 13:29:01 -07:00
brec.c
btree.c
catalog.c
dir.c
extents.c
hfsplus_fs.h fs: cleanup slight list_entry abuse 2015-06-23 18:01:59 -04:00
hfsplus_raw.h
inode.c
ioctl.c
Kconfig
Makefile
options.c fs: create and use seq_show_option for escaping 2015-09-04 16:54:41 -07:00
part_tbl.c
posix_acl.c posix_acl: Clear SGID bit when setting file permissions 2016-10-31 04:13:58 -06:00
super.c writeback: separate out include/linux/backing-dev-defs.h 2015-06-02 08:33:34 -06:00
tables.c
unicode.c
wrapper.c
xattr.c xattr handlers: Pass handler to operations instead of flags 2015-11-13 20:34:32 -05:00
xattr.h
xattr_security.c xattr handlers: Pass handler to operations instead of flags 2015-11-13 20:34:32 -05:00
xattr_trusted.c xattr handlers: Pass handler to operations instead of flags 2015-11-13 20:34:32 -05:00
xattr_user.c xattr handlers: Pass handler to operations instead of flags 2015-11-13 20:34:32 -05:00