Patchwork [raring,lowlatency] Revert "UBUNTU: SAUCE: (no-up) AppArmor: Disable Add PR_{GET, SET}_NO_NEW_PRIVS to prevent execve from granting privs"

login
register
mail settings
Submitter John Johansen
Date Aug. 12, 2013, 9:23 p.m.
Message ID <52095246.4070409@canonical.com>
Download mbox | patch
Permalink /patch/266640/
State New
Headers show

Comments

John Johansen - Aug. 12, 2013, 9:23 p.m.
BugLink: http://bugs.launchpad.net/bugs/1202161

Reverts commit f9b1d1b883eef77ed65b8457699dcbd551a3f039 which was fixed in c29bceb3

Signed-off-by: John Johansen <john.johansen@canonical.com>
---
 security/apparmor/domain.c | 4 ----
 1 file changed, 4 deletions(-)
Stefan Bader - Aug. 13, 2013, 9:01 a.m.

Tim Gardner - Aug. 13, 2013, 12:23 p.m.
lowlatency is a rebase against master, so there is no need to apply this
patch.

Patch

diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index a4d5c9c..4625a28 100644
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -360,10 +360,6 @@  int apparmor_bprm_set_creds(struct linux_binprm *bprm)
 	if (bprm->cred_prepared)
 		return 0;
 
-	/* XXX: no_new_privs is not usable with AppArmor yet */
-	if (bprm->unsafe & LSM_UNSAFE_NO_NEW_PRIVS)
-		return -EPERM;
-
 	cxt = bprm->cred->security;
 	BUG_ON(!cxt);