[PATCH] lsm: setfsuid/setgsuid bug fix (4/4)
Patch from Jakub Jelínek <jakub@redhat.com> Make sure setfsuid/setfsgid return values are right. Before include/linux/security.h was added, setfsuid/setfsgid always returned old_fsuid, no matter if the fsuid was actually changed or not. With the default security ops it seems to do the same, because both security_task_setuid and security_task_post_setuid return 0, but these are hooks which seem to return 0 on success, -errno on failure, so if some non-default security hook is installed and ever returns -errno in setfsuid/setfsgid, -errno will be returned from the syscall instead of the expected old_fsuid. This makes it hard to distinguish uids 0xfffff001 .. 0xffffffff from errors of security hooks.
Showing
Please register or sign in to comment