[CRIU] [PATCH] files-reg: fix /proc/<pid>/* ownership for linkat restore
Dmitry Safonov
dsafonov at odin.com
Thu Dec 17 05:28:01 PST 2015
On 12/17/2015 03:58 PM, Pavel Emelyanov wrote:
> On 12/17/2015 03:25 PM, Dmitry Safonov wrote:
>> After linkat_hard with setfsuid permissions of files in
>> /proc/<pid>/* changes to root because of pid_getattr @ fs/proc/base.c
>> will fail to check has_pid_permissions() in ptrace_may_access()
> Wait, the __ptrace_may_access starts with
>
> if (same_thread_group(task, current))
> return 0;
>
> so writing to self is always granted.
Seems so, will check it.
>
>> Fix it with PR_SET_DUMPABLE.
>>
>> Cc: Andrew Vagin <avagin at virtuozzo.com>
>> Signed-off-by: Dmitry Safonov <dsafonov at odin.com>
>> ---
>> files-reg.c | 2 ++
>> 1 file changed, 2 insertions(+)
>>
>> diff --git a/files-reg.c b/files-reg.c
>> index 425dc04..082e46c 100644
>> --- a/files-reg.c
>> +++ b/files-reg.c
>> @@ -6,6 +6,7 @@
>> #include <sys/mman.h>
>> #include <sys/types.h>
>> #include <sys/stat.h>
>> +#include <sys/prctl.h>
>> #include <sys/vfs.h>
>> #include <ctype.h>
>>
>> @@ -1100,6 +1101,7 @@ static int linkat_hard(int odir, char *opath, int ndir, char *npath, uid_t owner
>> */
>> }
>> errno = errno_save;
>> + prctl(PR_SET_DUMPABLE, 1, 0);
>>
>> return ret;
>> }
>>
--
Regards,
Dmitry Safonov
More information about the CRIU
mailing list