RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-06-01 07:48:12 +00:00
Code Issues Activity Actions

Kernel: Disallow executing SUID binaries if process is jailed

Browse source 
Check if the process we are currently running is in a jail, and if that
is the case, fail early with the EPERM error code.

Also, as Brian noted, we should also disallow attaching to a jail in
case of already running within a setid executable, as this leaves the
user with false thinking of being secure (because you can't exec new
setid binaries), but the current program is still marked setid, which
means that at the very least we gained permissions while we didn't
expect it, so let's block it.
This commit is contained in:
Liav A 2022-12-23 13:51:47 +02:00 committed by Brian Gianforcaro
parent 0e010790a4
commit e598f22768
4 changed files with 23 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

1
Kernel/Process.h
View file

@ -118,6 +118,7 @@ class Process final
// FIXME: This should be a NonnullRefPtr
RefPtr<Credentials> credentials;
bool dumpable { false };
bool executable_is_setid { false };
Atomic<bool> has_promises { false };
Atomic<u32> promises { 0 };
Atomic<bool> has_execpromises { false };