linux-toradex.git - Linux kernel for Apalis, Colibri and Verdin modules

diff options

author	Oleg Nesterov <oleg@redhat.com>	2009-04-06 16:16:02 +0200
committer	Greg Kroah-Hartman <gregkh@suse.de>	2009-05-02 10:24:55 -0700
commit	9460a617660c1d5f3d6fdf0f6163939a67ed7f9c (patch)
tree	1bc3709a1b1b35dacdcfbfc559ed02183e2c23fe /kernel/sched.c
parent	5a80273150a8a1725fa70418d106eb1f2ee8fd2f (diff)

exit_notify: kill the wrong capable(CAP_KILL) check (CVE-2009-1337)

CVE-2009-1337 commit 432870dab85a2f69dc417022646cb9a70acf7f94 upstream. The CAP_KILL check in exit_notify() looks just wrong, kill it. Whatever logic we have to reset ->exit_signal, the malicious user can bypass it if it execs the setuid application before exiting. Signed-off-by: Oleg Nesterov <oleg@redhat.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Acked-by: Roland McGrath <roland@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>

Diffstat (limited to 'kernel/sched.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: