diff options
author | Andrew G. Morgan <morgan@kernel.org> | 2021-09-01 20:08:14 -0700 |
---|---|---|
committer | Andrew G. Morgan <morgan@kernel.org> | 2021-09-01 20:08:14 -0700 |
commit | 0cba26fca376c34fa715b31b915ea0adee5d77ce (patch) | |
tree | 89ffdfc6f86d14e66dd261a057e9829a779c2612 | |
parent | 2762c2c1a8c98d9012fcd40f20d133493a0b3219 (diff) | |
download | libcap2-0cba26fca376c34fa715b31b915ea0adee5d77ce.tar.gz |
sucap/su should start with an empty INHERITABLE flag.
Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
-rw-r--r-- | contrib/sucap/su.c | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/contrib/sucap/su.c b/contrib/sucap/su.c index 5c98e5f..d72a69a 100644 --- a/contrib/sucap/su.c +++ b/contrib/sucap/su.c @@ -1352,7 +1352,7 @@ static int perform_launch_and_cleanup(cap_t all, int is_login, char * const * shell_env; cap_launch_t launcher; pid_t child; - + cap_iab_t iab; /* * Break up the shell command into a command and arguments @@ -1387,6 +1387,16 @@ static int perform_launch_and_cleanup(cap_t all, int is_login, return PAM_SYSTEM_ERR; } + iab = cap_iab_get_proc(); + if (iab == NULL) { + D(("failed to read IAB value of process")); + return PAM_SYSTEM_ERR; + } + if (cap_set_proc(all) != 0) { + D(("failed to restore process capabilities")); + return PAM_SYSTEM_ERR; + } + launcher = cap_new_launcher(shell_args[0], (const char * const *) &shell_args[1], (const char * const *) shell_env); @@ -1394,7 +1404,7 @@ static int perform_launch_and_cleanup(cap_t all, int is_login, D(("failed to initialize launcher")); return PAM_SYSTEM_ERR; } - cap_launcher_set_iab(launcher, cap_iab_get_proc()); + cap_launcher_set_iab(launcher, iab); cap_launcher_callback(launcher, launch_callback_fn); child = cap_launch(launcher, pamh); @@ -1446,6 +1456,7 @@ int main(int argc, char *argv[]) all = cap_get_proc(); cap_fill(all, CAP_EFFECTIVE, CAP_PERMITTED); + cap_clear_flag(all, CAP_INHERITABLE); checkfds(); @@ -1553,7 +1564,7 @@ int main(int argc, char *argv[]) goto utmp_closer; } - status = perform_launch_and_cleanup(t_caps, is_login, shell, command); + status = perform_launch_and_cleanup(all, is_login, shell, command); close_session(pamh, all); utmp_closer: |