Skip to content

Commit

Permalink
---
Browse files Browse the repository at this point in the history 
yaml
---
r: 74369
b: refs/heads/master
c: 8ec2328
h: refs/heads/master
i:
  74367: d85c5fd
v: v3
  • Loading branch information
Serge E. Hallyn authored and Linus Torvalds committed Nov 29, 2007
1 parent 9b6cbf0 commit 7dbdb82
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 1 deletion.
2 changes: 1 addition & 1 deletion [refs]
View file
Original file line number Diff line number Diff line change
@@ -1,2 +1,2 @@
---
refs/heads/master: d0eec99ce50baa5cc2ac02363cdb2a771ed4e1e2
refs/heads/master: 8ec2328f1138a58eaea55ec6150985a1623b01c5
9 changes: 9 additions & 0 deletions trunk/security/commoncap.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -526,6 +526,15 @@ int cap_task_kill(struct task_struct *p, struct siginfo *info,
if (info != SEND_SIG_NOINFO && (is_si_special(info) || SI_FROMKERNEL(info)))
return 0;

/*
* Running a setuid root program raises your capabilities.
* Killing your own setuid root processes was previously
* allowed.
* We must preserve legacy signal behavior in this case.
*/
if (p->euid == 0 && p->uid == current->uid)
return 0;

/* sigcont is permitted within same session */
if (sig == SIGCONT && (task_session_nr(current) == task_session_nr(p)))
return 0;
Expand Down

0 comments on commit 7dbdb82

Please sign in to comment.