kernel: Only expose su when daemon is running

It has been claimed that the PG implementation of 'su' has security vulnerabilities even when disabled. Unfortunately, the people that find these vulnerabilities often like to keep them private so they can profit from exploits while leaving users exposed to malicious hackers. In order to reduce the attack surface for vulnerabilites, it is therefore necessary to make 'su' completely inaccessible when it is not in use (except by the root and system users). Change-Id: I79716c72f74d0b7af34ec3a8054896c6559a181d
author: Tom Marshall <tdm.code@gmail.com> 2017-01-25 18:01:03 +0100
committer: Mister Oyster <oysterized@gmail.com> 2017-05-21 19:16:22 +0200
commit: b93332000206a6748fa7854991b9a221ffc73ec7 (patch)
tree: 914ce9693c4abe00c1308b8717201666efb2a8cc /fs/exec.c
parent: 9463ff35f8e31e6c88866dfc236c95a66747190c (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/fs/exec.c b/fs/exec.c
index 240a38eeb..e8a3ee5dd 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -1572,6 +1572,11 @@ static int do_execve_common(const char *filename,
 	if (retval < 0)
 		goto out;
 
+	if (d_is_su(file->f_dentry) && capable(CAP_SYS_ADMIN)) {
+		current->flags |= PF_SU;
+		su_exec();
+	}
+
 	/* execve succeeded */
 	current->fs->in_exec = 0;
 	current->in_execve = 0;
author	Tom Marshall <tdm.code@gmail.com>	2017-01-25 18:01:03 +0100
committer	Mister Oyster <oysterized@gmail.com>	2017-05-21 19:16:22 +0200
commit	b93332000206a6748fa7854991b9a221ffc73ec7 (patch)
tree	914ce9693c4abe00c1308b8717201666efb2a8cc /fs/exec.c
parent	9463ff35f8e31e6c88866dfc236c95a66747190c (diff)