FEX-Emu/linux
1
0
Fork 0
mirror of https://github.com/FEX-Emu/linux.git synced 2025-01-01 06:42:31 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
571d2f0c34
linux/arch/um/os-Linux
History
Mickaël Salaün 571d2f0c34 um: Do not set unsecure permission for temporary file 
Remove the insecure 0777 mode for temporary file to prohibit other users
to change the executable mapped code.

An attacker could gain access to the mapped file descriptor from the
temporary file (before it is unlinked) in a read-only mode but it should
not be accessible in write mode to avoid arbitrary code execution.

To not change the hostfs behavior, the temporary file creation
permission now depends on the current umask(2) and the implementation of
mkstemp(3).

Signed-off-by: Mickaël Salaün <mic@digikod.net>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Richard Weinberger <richard@nod.at>
Acked-by: Tristan Schmelcher <tschmelcher@google.com>
Signed-off-by: Richard Weinberger <richard@nod.at>
2016-01-10 21:49:50 +01:00
..
drivers Merge branch 'for-linus-4.2-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/uml 2015-06-28 13:55:08 -07:00
skas um: Fix ptrace GETREGS/SETREGS bugs 2016-01-10 21:49:48 +01:00
aio.c um: Cleanup SIGTERM handling 2013-09-07 10:56:58 +02:00
elf_aux.c um: get rid of pointless include "..." where include <...> will do 2012-10-09 22:28:45 +02:00
execvp.c um: get rid of pointless include "..." where include <...> will do 2012-10-09 22:28:45 +02:00
file.c um: Update UBD to use pread/pwrite family of functions 2016-01-10 21:49:48 +01:00
helper.c um: Fix waitpid() usage in helper code 2015-10-19 22:53:37 +02:00
irq.c um: get rid of pointless include "..." where include <...> will do 2012-10-09 22:28:45 +02:00
main.c um: Switch clocksource to hrtimers 2015-11-06 22:54:49 +01:00
Makefile um: use the right ifdef around exports in user_syms.c 2012-03-25 00:29:55 +01:00
mem.c um: Do not set unsecure permission for temporary file 2016-01-10 21:49:50 +01:00
process.c um: Switch clocksource to hrtimers 2015-11-06 22:54:49 +01:00
registers.c um: get rid of pointless include "..." where include <...> will do 2012-10-09 22:28:45 +02:00
sigio.c um: Cleanup SIGTERM handling 2013-09-07 10:56:58 +02:00
signal.c um: Prevent IRQ handler reentrancy 2016-01-10 21:49:47 +01:00
start_up.c uml: flush stdout before forking 2016-01-10 21:49:47 +01:00
time.c um: Switch clocksource to hrtimers 2015-11-06 22:54:49 +01:00
tty.c um: get rid of pointless include "..." where include <...> will do 2012-10-09 22:28:45 +02:00
umid.c um: get rid of pointless include "..." where include <...> will do 2012-10-09 22:28:45 +02:00
user_syms.c um: get rid of pointless include "..." where include <...> will do 2012-10-09 22:28:45 +02:00
util.c um: Cleanup SIGTERM handling 2013-09-07 10:56:58 +02:00