From: Eric W. Biederman <ebiederm@xmission.com>
Date: Sun, 14 Apr 2013 20:47:02 +0000 (-0700)
Subject: userns: Don't let unprivileged users trick privileged users into setting the id_map
X-Git-Tag: v3.9-rc8~11^2~2
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6708075f104c3c9b04b23336bb0366ca30c3931b;p=pandora-kernel.git

userns: Don't let unprivileged users trick privileged users into setting the id_map

When we require privilege for setting /proc/<pid>/uid_map or
/proc/<pid>/gid_map no longer allow an unprivileged user to
open the file and pass it to a privileged program to write
to the file.

Instead when privilege is required require both the opener and the
writer to have the necessary capabilities.

I have tested this code and verified that setting /proc/<pid>/uid_map
fails when an unprivileged user opens the file and a privielged user
attempts to set the mapping, that unprivileged users can still map
their own id, and that a privileged users can still setup an arbitrary
mapping.

Reported-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
---

Reading git-diff-tree failed