* Roy S. Shea (rsheaat_private) wrote:
> Hey,
>
> I think there is a bit of a nasty bug in the current patched version of
> sys_setpriority in sys.c. The logic around line 217 gives normal users
> the ability to renice things they shouldn't. For example, using the
> defaults for the security module allows anyone to renice anything, since
> dummy_setnice returns zero by default.
>
> I would recommend changing from:
>
>     no_nice = security_ops->task_ops->setnice(p, niceval);
>     if (p->uid != current->euid &&
>         p->uid != current->uid && no_nice) {
>             error = -EPERM;
>             .
>             .
>     }
>
> To something more like:
>
>     no_nice = security_ops->task_ops->setnice(p, niceval);
>     if ( (p->uid != current->euid && p->uid != current->uid)
>          || no_nice != 0) {
>             error = no_nice;
>             .
>             .
>     }

The dummy functions don't really provide much in the way of security.
They fall somewhere between DAC and everybody is root. Stephen Smalley
has suggested re-evaluating the dummy code and adding root checks to align
with DAC. I am inclined to fix this in dummy_setnice rather than
sys_setpriority. Any thoughts?

-chris
_______________________________________________
linux-security-module mailing list
linux-security-moduleat_private
http://mail.wirex.com/mailman/listinfo/linux-security-module
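
Added example (not part of the original messages and not kernel code): a user-space C model of the two conditions quoted above, tabulating which combinations of uid match and hook return value reach the refusing branch. The struct, function names and sample uids are constructed, and reaching the branch is treated as a refusal because the elided lines are not shown.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed stand-in for the two credential fields the condition reads. */
struct task { unsigned uid, euid; };

/* 1 if the caller's uid or euid matches the target's uid. */
static int uid_match(const struct task *p, const struct task *cur)
{
    return p->uid == cur->euid || p->uid == cur->uid;
}

/* Condition quoted from the patched sys_setpriority:
 * refuse only when the uids differ AND the hook returned nonzero. */
static int refused_patched(const struct task *p, const struct task *cur, int no_nice)
{
    return !uid_match(p, cur) && no_nice != 0;
}

/* Condition proposed in the quoted message:
 * refuse when the uids differ OR the hook returned nonzero. */
static int refused_proposed(const struct task *p, const struct task *cur, int no_nice)
{
    return !uid_match(p, cur) || no_nice != 0;
}

int main(void)
{
    const struct task caller = { 1000, 1000 };  /* constructed unprivileged caller */
    const struct task targets[] = { { 1000, 1000 }, { 0, 0 } };  /* own task, another user's */
    const int hooks[] = { 0, -EPERM };  /* 0 = dummy default; -EPERM = hypothetical module */

    puts("target_uid hook  patched  proposed");
    for (int t = 0; t < 2; t++)
        for (int h = 0; h < 2; h++)
            printf("%10u %4d  %-7s  %s\n", targets[t].uid, hooks[h],
                   refused_patched(&targets[t], &caller, hooks[h]) ? "refuse" : "allow",
                   refused_proposed(&targets[t], &caller, hooks[h]) ? "refuse" : "allow");
    return 0;
}
```

The table also shows the second effect of the AND form: a nonzero hook result is ignored whenever the uids match, so a module could not restrict a user renicing their own task.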
This archive was generated by hypermail 2b30 : Wed May 30 2001 - 14:27:46 PDT