Commit 98ecb31d authored by Dann Frazier's avatar Dann Frazier

* bugfix/cifs-honor-umask.patch

  [SECURITY] Make CIFS honor a process' umask
  See CVE-2007-3740

svn path=/dists/etch-security/linux-2.6/; revision=9544
parent 180381c4
......@@ -10,8 +10,11 @@ linux-2.6 (2.6.18.dfsg.1-13etch3) UNRELEASED; urgency=low
[SECURITY] Prevent OOPS during stack expansion when the VMA crosses
into address space reserved for hugetlb pages.
See CVE-2007-3739
* bugfix/cifs-honor-umask.patch
[SECURITY] Make CIFS honor a process' umask
See CVE-2007-3740
-- dann frazier <dannf@debian.org> Fri, 21 Sep 2007 10:36:12 -0600
-- dann frazier <dannf@debian.org> Mon, 24 Sep 2007 23:05:05 -0600
linux-2.6 (2.6.18.dfsg.1-13etch2) stable-security; urgency=high
......
From: Steve French <sfrench@us.ibm.com>
Date: Fri, 8 Jun 2007 14:55:14 +0000 (+0000)
Subject: [CIFS] CIFS should honour umask
X-Git-Tag: v2.6.22-rc5~50^2
X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=3ce53fc4c57603d99c330a6ee2fe96d94f2d350f
[CIFS] CIFS should honour umask
This patch makes CIFS honour a process' umask like other filesystems.
Of course the server is still free to munge the permissions if it wants
to; but the client will send the "right" permissions to begin with.
A few caveats:
1) It only applies to filesystems that have CAP_UNIX (aka support unix
extensions)
2) It applies the correct mode to the follow up CIFSSMBUnixSetPerms()
after remote creation
When mode to CIFS/NTFS ACL mapping is complete we can do the
same thing for that case for servers which do not
support the Unix Extensions.
Signed-off-by: Matt Keenen <matt@opcode-solutions.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
---
Backported to Debian's 2.6.18 by dann frazier <dannf@debian.org>
diff -urpN linux-source-2.6.18.orig/fs/cifs/dir.c linux-source-2.6.18/fs/cifs/dir.c
--- linux-source-2.6.18.orig/fs/cifs/dir.c 2006-09-19 21:42:06.000000000 -0600
+++ linux-source-2.6.18/fs/cifs/dir.c 2007-09-24 22:49:29.509100350 -0600
@@ -199,7 +199,8 @@ cifs_create(struct inode *inode, struct
/* If Open reported that we actually created a file
then we now have to set the mode if possible */
if ((cifs_sb->tcon->ses->capabilities & CAP_UNIX) &&
- (oplock & CIFS_CREATE_ACTION))
+ (oplock & CIFS_CREATE_ACTION)) {
+ mode &= ~current->fs->umask;
if(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SET_UID) {
CIFSSMBUnixSetPerms(xid, pTcon, full_path, mode,
(__u64)current->fsuid,
@@ -217,7 +218,7 @@ cifs_create(struct inode *inode, struct
cifs_sb->mnt_cifs_flags &
CIFS_MOUNT_MAP_SPECIAL_CHR);
}
- else {
+ } else {
/* BB implement mode setting via Windows security descriptors */
/* eg CIFSSMBWinSetPerms(xid,pTcon,full_path,mode,-1,-1,local_nls);*/
/* could set r/o dos attribute if mode & 0222 == 0 */
@@ -325,6 +326,7 @@ int cifs_mknod(struct inode *inode, stru
if(full_path == NULL)
rc = -ENOMEM;
else if (pTcon->ses->capabilities & CAP_UNIX) {
+ mode &= ~current->fs->umask;
if(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SET_UID) {
rc = CIFSSMBUnixSetPerms(xid, pTcon, full_path,
mode,(__u64)current->fsuid,(__u64)current->fsgid,
diff -urpN linux-source-2.6.18.orig/fs/cifs/inode.c linux-source-2.6.18/fs/cifs/inode.c
--- linux-source-2.6.18.orig/fs/cifs/inode.c 2007-09-18 16:46:11.000000000 -0600
+++ linux-source-2.6.18/fs/cifs/inode.c 2007-09-24 22:50:34.825099389 -0600
@@ -751,7 +751,8 @@ int cifs_mkdir(struct inode *inode, stru
d_instantiate(direntry, newinode);
if (direntry->d_inode)
direntry->d_inode->i_nlink = 2;
- if (cifs_sb->tcon->ses->capabilities & CAP_UNIX)
+ if (cifs_sb->tcon->ses->capabilities & CAP_UNIX) {
+ mode &= ~current->fs->umask;
if (cifs_sb->mnt_cifs_flags & CIFS_MOUNT_SET_UID) {
CIFSSMBUnixSetPerms(xid, pTcon, full_path,
mode,
@@ -769,7 +770,7 @@ int cifs_mkdir(struct inode *inode, stru
cifs_sb->mnt_cifs_flags &
CIFS_MOUNT_MAP_SPECIAL_CHR);
}
- else {
+ } else {
/* BB to be implemented via Windows secrty descriptors
eg CIFSSMBWinSetPerms(xid, pTcon, full_path, mode,
-1, -1, local_nls); */
+ bugfix/ptrace-handle-bogus-selector.patch
+ bugfix/fixup-trace_irq-breakage.patch
+ bugfix/prevent-stack-growth-into-hugetlb-region.patch
+ bugfix/cifs-honor-umask.patch
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment