deal with races in /proc/*/{syscall,stack,personality}
commit
a9712bc12c40c172e393f85a9b2ba8db4bf59509 upstream.
All of those are rw-r--r-- and all are broken for suid - if you open
a file before the target does suid-root exec, you'll be still able
to access it. For personality it's not a big deal, but for syscall
and stack it's a real problem.
Fix: check that task is tracable for you at the time of read().
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
[PG: in .34 cred_guard_mutex is in task, not task->signal]
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
projects / karo-tx-linux.git / commit