diff options
author | Christian Brauner <brauner@kernel.org> | 2022-11-22 11:40:32 +0100 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2023-03-03 11:52:25 +0100 |
commit | a591d9fd7001f9a71d648ef17a42aef19a3fd9f1 (patch) | |
tree | beaa5d369176fcea797e3ba4a6e20b319e313f44 | |
parent | 89f5f21b960ee81f2cdffdb0c862e500b7d1d902 (diff) | |
download | linux-riscv-a591d9fd7001f9a71d648ef17a42aef19a3fd9f1.tar.gz linux-riscv-a591d9fd7001f9a71d648ef17a42aef19a3fd9f1.tar.bz2 linux-riscv-a591d9fd7001f9a71d648ef17a42aef19a3fd9f1.zip |
fs: use consistent setgid checks in is_sxid()
commit 8d84e39d76bd83474b26cb44f4b338635676e7e8 upstream.
Now that we made the VFS setgid checking consistent an inode can't be
marked security irrelevant even if the setgid bit is still set. Make
this function consistent with all other helpers.
Note that enforcing consistent setgid stripping checks for file
modification and mode- and ownership changes will cause the setgid bit
to be lost in more cases than useed to be the case. If an unprivileged
user wrote to a non-executable setgid file that they don't have
privilege over the setgid bit will be dropped. This will lead to
temporary failures in some xfstests until they have been updated.
Reported-by: Miklos Szeredi <miklos@szeredi.hu>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
-rw-r--r-- | include/linux/fs.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/linux/fs.h b/include/linux/fs.h index ed555aa9bf48..f14ecbeab2a9 100644 --- a/include/linux/fs.h +++ b/include/linux/fs.h @@ -3549,7 +3549,7 @@ int __init list_bdev_fs_names(char *buf, size_t size); static inline bool is_sxid(umode_t mode) { - return (mode & S_ISUID) || ((mode & S_ISGID) && (mode & S_IXGRP)); + return mode & (S_ISUID | S_ISGID); } static inline int check_sticky(struct user_namespace *mnt_userns, |