Fix nasty /proc vulnerability We have a bad interaction with both the kernel and user space being able to change some of the /proc file status. This fixes the most obvious part of it, but I expect we'll also make it harder for users to modify even their "own" files in /proc. Signed-off-by: Linus Torvalds <torvalds@osdl.org>

commit: 18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3 [log] [tgz]
author: Linus Torvalds <torvalds@g5.osdl.org> Fri Jul 14 16:51:34 2006 -0700
committer: Linus Torvalds <torvalds@g5.osdl.org> Fri Jul 14 16:51:34 2006 -0700
tree: b1a9c89bc546a71924ed7253f2f27afdeb82d297
parent: ab6cf0d0cb96417ef65cc2c2120c0e879edf7a4a [diff]
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 243a94a..0cb8f20 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c

@@ -1338,6 +1338,7 @@
 		} else {
 			inode->i_uid = 0;
 			inode->i_gid = 0;
+			inode->i_mode = 0;
 		}
 		security_task_to_inode(task, inode);
 		put_task_struct(task);
commit	18b0bbd8ca6d3cb90425aa0d77b99a762c6d6de3	[log] [tgz]
author	Linus Torvalds <torvalds@g5.osdl.org>	Fri Jul 14 16:51:34 2006 -0700
committer	Linus Torvalds <torvalds@g5.osdl.org>	Fri Jul 14 16:51:34 2006 -0700
tree	b1a9c89bc546a71924ed7253f2f27afdeb82d297
parent	ab6cf0d0cb96417ef65cc2c2120c0e879edf7a4a [diff]