aboutsummaryrefslogtreecommitdiff
path: root/Documentation/ramdisk.txt
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2006-04-10 17:01:40 +0000
committerGreg Kroah-Hartman <gregkh@suse.de>2006-04-10 21:48:21 -0700
commit5494bd6a500cc7c5a502279eabfbdacccd4b89d1 (patch)
treea1013355c5ff3d8b02245e3a91c52ac5e3b52c40 /Documentation/ramdisk.txt
parentdbb676d1214c181e6cde4ce67b7bf012d071f1ed (diff)
[PATCH] Keys: Fix oops when adding key to non-keyring [CVE-2006-1522]
This fixes the problem of an oops occuring when a user attempts to add a key to a non-keyring key [CVE-2006-1522]. The problem is that __keyring_search_one() doesn't check that the keyring it's been given is actually a keyring. I've fixed this problem by: (1) declaring that caller of __keyring_search_one() must guarantee that the keyring is a keyring; and (2) making key_create_or_update() check that the keyring is a keyring, and return -ENOTDIR if it isn't. This can be tested by: keyctl add user b b `keyctl add user a a @s` Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Linus Torvalds <torvalds@osdl.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'Documentation/ramdisk.txt')
0 files changed, 0 insertions, 0 deletions