diff options
author | Daniel Mentz <danielmentz@google.com> | 2017-07-07 11:27:31 -0700 |
---|---|---|
committer | Daniel Mentz <danielmentz@google.com> | 2017-07-21 11:09:08 -0700 |
commit | 362e08d2572fd592b6a5322763977d898ebefba2 (patch) | |
tree | 8268adac315acb7214f7aaf03fa0244a62291208 /kernel | |
parent | 59ff2e15be118b70755d9709be67ed1b842cd5e6 (diff) |
Revert "proc: smaps: Allow smaps access for CAP_SYS_RESOURCE"
This reverts commit 9d19f72b43f495f6f1ef1268dbed1bbade8dea24.
This fixes CVE-2017-0710.
SELinux allows more fine grained control: We grant processes that need
access to smaps CAP_SYS_PTRACE but prohibit them from using ptrace
attach().
Bug: 34951864
Bug: 36468447
Change-Id: I8ea67f8771ec212950bc251ee750bd8a7e7c0643
Signed-off-by: Daniel Mentz <danielmentz@google.com>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/fork.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/kernel/fork.c b/kernel/fork.c index 968917653c2c..68cfda1c1800 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -827,8 +827,7 @@ struct mm_struct *mm_access(struct task_struct *task, unsigned int mode) mm = get_task_mm(task); if (mm && mm != current->mm && - !ptrace_may_access(task, mode) && - !capable(CAP_SYS_RESOURCE)) { + !ptrace_may_access(task, mode)) { mmput(mm); mm = ERR_PTR(-EACCES); } |