Hey,

I think there is a bit of a nasty bug in the current patched version of sys_setpriority in sys.c. The logic around line 217 gives normal users the ability to renice things they shouldn't. For example, using the defaults for the security module allows anyone to renice anything, since dummy_setnice returns zero by default.

I would recommend changing from:

    no_nice = security_ops->task_ops->setnice(p, niceval);
    if (p->uid != current->euid && p->uid != current->uid && no_nice) {
        error = -EPERM;
        .
        .
    }

To something more like:

    no_nice = security_ops->task_ops->setnice(p, niceval);
    if ((p->uid != current->euid && p->uid != current->uid) || no_nice != 0) {
        error = no_nice;
        .
        .
    }

-Roy
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
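Added example, not part of the original post or of the kernel patch it discusses: a user-space C model of the two conditions quoted above, run with a hook that always returns 0 (as the post says dummy_setnice does) and with a hypothetical hook, strict_setnice, that always refuses. The struct, the function names denied_current and denied_proposed, and the uid values are constructed for illustration.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed stand-in: only the fields the quoted condition reads. */
struct task { unsigned uid, euid; };
typedef int (*setnice_hook)(const struct task *p, int niceval);

/* Default hook as the post describes it: always returns 0. */
int dummy_setnice(const struct task *p, int niceval) { (void)p; (void)niceval; return 0; }
/* Hypothetical restrictive module: refuses every renice. */
int strict_setnice(const struct task *p, int niceval) { (void)p; (void)niceval; return -EPERM; }

/* Condition as quoted from the patched sys_setpriority.
 * Returns 1 when the denial branch is taken; *error gets the value set there. */
int denied_current(const struct task *cur, const struct task *p, int niceval,
                   setnice_hook hook, int *error)
{
    int no_nice = hook(p, niceval);
    if (p->uid != cur->euid && p->uid != cur->uid && no_nice) {
        *error = -EPERM;
        return 1;
    }
    return 0;
}

/* Condition as proposed in the post. */
int denied_proposed(const struct task *cur, const struct task *p, int niceval,
                    setnice_hook hook, int *error)
{
    int no_nice = hook(p, niceval);
    if ((p->uid != cur->euid && p->uid != cur->uid) || no_nice != 0) {
        *error = no_nice;   /* this is 0 when only the uid test failed */
        return 1;
    }
    return 0;
}

int main(void)
{
    struct task user = { 1000, 1000 }, other = { 0, 0 }, own = { 1000, 1000 };
    int e = 0;
    printf("foreign task, dummy hook : current=%d proposed=%d\n",
           denied_current(&user, &other, -5, dummy_setnice, &e),
           denied_proposed(&user, &other, -5, dummy_setnice, &e));
    printf("own task, strict hook    : current=%d proposed=%d\n",
           denied_current(&user, &own, -5, strict_setnice, &e),
           denied_proposed(&user, &own, -5, strict_setnice, &e));
    return 0;
}
```

The second row shows a further effect of the `&&` form: a module's refusal is ignored whenever the uid test passes, so the hook cannot restrict a user's changes to their own tasks.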
This archive was generated by hypermail 2b30 : Wed May 30 2001 - 11:46:22 PDT