[PATCH] check attr updates in /proc

Any proc entry with default proc_file_inode_operations allow unauthorized attribute updates. This is very dangerous for proc entries that rely solely on file permissions for open/read/write. Signed-off-by: Chris Wright <chrisw@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>

[PATCH] check attr updates in /proc
Any proc entry with default proc_file_inode_operations allow unauthorized attribute updates. This is very dangerous for proc entries that rely solely on file permissions for open/read/write. Signed-off-by: Chris Wright <chrisw@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
9da9210d · Chris Wright · Linus Torvalds · 4e58aec8 · 9da9210d
Commit 9da9210d authored Jul 02, 2004 by Chris Wright Committed by Linus Torvalds Jul 02, 2004
Hide whitespace changes
Inline Side-by-side

Showing with 14 additions and 7 deletions

fs/proc/generic.c fs/proc/generic.c +14 -7

No files found.
--- a/fs/proc/generic.c
+++ b/fs/proc/generic.c
@@ -231,14 +231,21 @@ proc_file_lseek(struct file *file, loff_t offset, int orig)
 static int proc_notify_change(struct dentry *dentry, struct iattr *iattr)
 {
 	struct inode *inode = dentry->d_inode;
-	int error = inode_setattr(inode, iattr);
-	if (!error) {
-		struct proc_dir_entry *de = PDE(inode);
-		de->uid = inode->i_uid;
-		de->gid = inode->i_gid;
-		de->mode = inode->i_mode;
-	}
+	struct proc_dir_entry *de = PDE(inode);
+	int error;
+
+	error = inode_change_ok(inode, iattr);
+	if (error)
+		goto out;

+	error = inode_setattr(inode, iattr);
+	if (error)
+		goto out;
+	
+	de->uid = inode->i_uid;
+	de->gid = inode->i_gid;
+	de->mode = inode->i_mode;
+out:
 	return error;
 }