* mm->dumpable = 0 regardless of the interpreter's
* permissions.
*/
- if (file_permission(interpreter, MAY_READ) < 0)
- bprm->interp_flags |= BINPRM_FLAGS_ENFORCE_NONDUMP;
+ would_dump(bprm, interpreter);
retval = kernel_read(interpreter, 0, bprm->buf,
BINPRM_BUF_SIZE);
* mm->dumpable = 0 regardless of the interpreter's
* permissions.
*/
- if (file_permission(interpreter, MAY_READ) < 0)
- bprm->interp_flags |= BINPRM_FLAGS_ENFORCE_NONDUMP;
+ would_dump(bprm, interpreter);
retval = kernel_read(interpreter, 0, bprm->buf,
BINPRM_BUF_SIZE);
/* if the binary is not readable than enforce mm->dumpable=0
regardless of the interpreter's permissions */
- if (file_permission(bprm->file, MAY_READ))
- bprm->interp_flags |= BINPRM_FLAGS_ENFORCE_NONDUMP;
+ would_dump(bprm, bprm->file);
allow_write_access(bprm->file);
bprm->file = NULL;
}
EXPORT_SYMBOL(flush_old_exec);
+void would_dump(struct linux_binprm *bprm, struct file *file)
+{
+ if (inode_permission(file->f_path.dentry->d_inode, MAY_READ) < 0)
+ bprm->interp_flags |= BINPRM_FLAGS_ENFORCE_NONDUMP;
+}
+EXPORT_SYMBOL(would_dump);
+
void setup_new_exec(struct linux_binprm * bprm)
{
int i, ch;
if (bprm->cred->uid != current_euid() ||
bprm->cred->gid != current_egid()) {
current->pdeath_signal = 0;
- } else if (file_permission(bprm->file, MAY_READ) ||
- bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP) {
- set_dumpable(current->mm, suid_dumpable);
+ } else {
+ would_dump(bprm, bprm->file);
+ if (bprm->interp_flags & BINPRM_FLAGS_ENFORCE_NONDUMP)
+ set_dumpable(current->mm, suid_dumpable);
}
/*
extern int search_binary_handler(struct linux_binprm *, struct pt_regs *);
extern int flush_old_exec(struct linux_binprm * bprm);
extern void setup_new_exec(struct linux_binprm * bprm);
+extern void would_dump(struct linux_binprm *, struct file *);
extern int suid_dumpable;
#define SUID_DUMP_DISABLE 0 /* No setuid dumping */
projects / openwrt / staging / blogic.git / commitdiff