[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[plamo:28798] linux-2.6.23.14が出ています。
-
From:名倉昭一
-
Date:Tue, 15 Jan 2008 09:49:44 +0900 (JST)
- Subject: [plamo:28798] linux-2.6.23.14が出ています。
- From: 名倉昭一<nagura-s@xxxxxxxxxxxx>
- Date: Tue, 15 Jan 2008 09:49:42 +0900
名倉 です。
linux-2.6.23.14が出ています。
以下はChangeLog-2.6.23.14のコピーです。
commit 5b59039024e391cd5014db41ca8a89f0e2a0dabe
Author: Greg Kroah-Hartman <gregkh@xxxxxxx>
Date: Mon Jan 14 12:49:56 2008 -0800
Linux 2.6.23.14
commit 3093d39c9361dae001efaea9279b0b23e38f049c
Author: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Sat Jan 12 14:06:34 2008 -0800
Use access mode instead of open flags to determine needed permissions (CVE-2008-0001)
patch 974a9f0b47da74e28f68b9c8645c3786aa5ace1a in mainline
Way back when (in commit 834f2a4a1554dc5b2598038b3fe8703defcbe467, aka
"VFS: Allow the filesystem to return a full file pointer on open intent"
to be exact), Trond changed the open logic to keep track of the original
flags to a file open, in order to pass down the the intent of a dentry
lookup to the low-level filesystem.
However, when doing that reorganization, it changed the meaning of
namei_flags, and thus inadvertently changed the test of access mode for
directories (and RO filesystem) to use the wrong flag. So fix those
test back to use access mode ("acc_mode") rather than the open flag
("flag").
Issue noticed by Bill Roman at Datalight.
Reported-and-tested-by: Bill Roman <bill.roman@xxxxxxxxxxxxx>
Acked-by: Trond Myklebust <Trond.Myklebust@xxxxxxxxxx>
Acked-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Cc: Christoph Hellwig <hch@xxxxxx>
Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>
[検索ページ]
[メール一覧]
Plamo ML 公開システム