summaryrefslogtreecommitdiff
path: root/fs/exec.c
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2011-06-19 12:49:47 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2011-07-20 01:43:10 -0400
commit1b5d783c94c328d406e801566f161adcfb018dda (patch)
treee7d27b987e0670099af28db0d6bfcdac33236046 /fs/exec.c
parent78f32a9b479e9b9f1ce2bf620a7602c1cdbc4c8e (diff)
downloadlinux-3.10-1b5d783c94c328d406e801566f161adcfb018dda.tar.gz
linux-3.10-1b5d783c94c328d406e801566f161adcfb018dda.tar.bz2
linux-3.10-1b5d783c94c328d406e801566f161adcfb018dda.zip
consolidate BINPRM_FLAGS_ENFORCE_NONDUMP handling
new helper: would_dump(bprm, file). Checks if we are allowed to read the file and if we are not - sets ENFORCE_NODUMP. Exported, used in places that previously open-coded the same logics. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs/exec.c')
-rw-r--r--fs/exec.c14
1 files changed, 11 insertions, 3 deletions
diff --git a/fs/exec.c b/fs/exec.c
index 6075a1e727a..f9f12ad299a 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1105,6 +1105,13 @@ out:
}
EXPORT_SYMBOL(flush_old_exec);
+void would_dump(struct linux_binprm *bprm, struct file *file)
+{
+ if (inode_permission(file->f_path.dentry->d_inode, MAY_READ) < 0)
+ bprm->interp_flags |= BINPRM_FLAGS_ENFORCE_NONDUMP;
+}
+EXPORT_SYMBOL(would_dump);
+
void setup_new_exec(struct linux_binprm * bprm)
{
int i, ch;
@@ -1144,9 +1151,10 @@ void setup_new_exec(struct linux_binprm * bprm)
if (bprm->cred->uid != current_euid() ||
bprm->cred->gid != current_egid()) {
current->pdeath_signal = 0;
- } else if (file_permission(bprm->file, MAY_READ) ||
- bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP) {
- set_dumpable(current->mm, suid_dumpable);
+ } else {
+ would_dump(bprm, bprm->file);
+ if (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP)
+ set_dumpable(current->mm, suid_dumpable);
}
/*