Patchwork [quantal] Revert "UBUNTU: SAUCE: (no-up) AppArmor: Disable Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs"

login
register
mail settings
Submitter John Johansen
Date Aug. 12, 2013, 9:23 p.m.
Message ID <52095240.7060704@canonical.com>
Download mbox | patch
Permalink /patch/266639/
State New
Headers show

Comments

John Johansen - Aug. 12, 2013, 9:23 p.m.
BugLink: http://bugs.launchpad.net/bugs/1202161

Reverts commit c27debc6b9cc939ac6919074f4ed3c82cb745ca5 which was fixed in
c29bceb3

Signed-off-by: John Johansen <john.johansen@canonical.com>
---
 security/apparmor/domain.c | 4 ----
 1 file changed, 4 deletions(-)
Stefan Bader - Aug. 13, 2013, 9:01 a.m.

Andy Whitcroft - Aug. 13, 2013, 9:02 a.m.
On Mon, Aug 12, 2013 at 02:23:12PM -0700, John Johansen wrote:
> BugLink: http://bugs.launchpad.net/bugs/1202161
> 
> Reverts commit c27debc6b9cc939ac6919074f4ed3c82cb745ca5 which was fixed in
> c29bceb3
> 
> Signed-off-by: John Johansen <john.johansen@canonical.com>
> ---
>  security/apparmor/domain.c | 4 ----
>  1 file changed, 4 deletions(-)
> 
> diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
> index 31a3f52..afa8671 100644
> --- a/security/apparmor/domain.c
> +++ b/security/apparmor/domain.c
> @@ -360,10 +360,6 @@ int apparmor_bprm_set_creds(struct linux_binprm *bprm)
>  	if (bprm->cred_prepared)
>  		return 0;
>  
> -	/* XXX: no_new_privs is not usable with AppArmor yet */
> -	if (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS)
> -		return -EPERM;
> -
>  	cxt = bprm->cred->security;
>  	BUG_ON(!cxt);
>  

Looks like we had this as a sauce patch, which also went upstream, and 
then you fixed it (in 3.4-rc4), and we rebased and the sauce version
survived the
process?

Cirtainly it looks appropriate to remove this.

Acked-by: Andy Whitcroft <apw@canonical.com>

-apw
John Johansen - Aug. 13, 2013, 9:08 a.m.
On 08/13/2013 02:02 AM, Andy Whitcroft wrote:
> On Mon, Aug 12, 2013 at 02:23:12PM -0700, John Johansen wrote:
>> BugLink: http://bugs.launchpad.net/bugs/1202161
>>
>> Reverts commit c27debc6b9cc939ac6919074f4ed3c82cb745ca5 which was fixed in
>> c29bceb3
>>
>> Signed-off-by: John Johansen <john.johansen@canonical.com>
>> ---
>>  security/apparmor/domain.c | 4 ----
>>  1 file changed, 4 deletions(-)
>>
>> diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
>> index 31a3f52..afa8671 100644
>> --- a/security/apparmor/domain.c
>> +++ b/security/apparmor/domain.c
>> @@ -360,10 +360,6 @@ int apparmor_bprm_set_creds(struct linux_binprm *bprm)
>>  	if (bprm->cred_prepared)
>>  		return 0;
>>  
>> -	/* XXX: no_new_privs is not usable with AppArmor yet */
>> -	if (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS)
>> -		return -EPERM;
>> -
>>  	cxt = bprm->cred->security;
>>  	BUG_ON(!cxt);
>>  
> 
> Looks like we had this as a sauce patch, which also went upstream, and 
yeah we picked it up as part of the patch set for lxc

> then you fixed it (in 3.4-rc4), and we rebased and the sauce version
> survived the
> process?
> 
I am not sure what happened there nor why I didn't noticed it was still
in place. We certainly are missing tests for this and that is something
that I need to fix

> Cirtainly it looks appropriate to remove this.
> 
> Acked-by: Andy Whitcroft <apw@canonical.com>
> 
> -apw
>
Andy Whitcroft - Aug. 13, 2013, 9:21 a.m.
Applied to Quantal.

-apw

Patch

diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index 31a3f52..afa8671 100644
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -360,10 +360,6 @@  int apparmor_bprm_set_creds(struct linux_binprm *bprm)
 	if (bprm->cred_prepared)
 		return 0;
 
-	/* XXX: no_new_privs is not usable with AppArmor yet */
-	if (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS)
-		return -EPERM;
-
 	cxt = bprm->cred->security;
 	BUG_ON(!cxt);