mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-11-01 00:48:50 +00:00
Code Issues Releases Wiki Activity
linux-stable/security
History
Eric W. Biederman 3b0c2d3eaa Revert 95ebabde38 ("capabilities: Don't allow writing ambiguous v3 file capabilities") 
It turns out that there are in fact userspace implementations that
care and this recent change caused a regression.

https://github.com/containers/buildah/issues/3071

As the motivation for the original change was future development,
and the impact is existing real world code just revert this change
and allow the ambiguity in v3 file caps.

Cc: stable@vger.kernel.org
Fixes: 95ebabde38 ("capabilities: Don't allow writing ambiguous v3 file capabilities")
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
2021-03-12 15:27:14 -06:00
..
apparmor apparmor: handle idmapped mounts 2021-01-24 14:27:20 +01:00
bpf bpf: Implement task local storage 2020-11-06 08:08:37 -08:00
integrity Keyrings miscellany 2021-02-23 16:09:23 -08:00
keys Keyrings miscellany 2021-02-23 16:09:23 -08:00
loadpin LSM: Add "contents" flag to kernel_read_file hook 2020-10-05 13:37:03 +02:00
lockdown Merge branch 'next-general' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2020-06-02 17:36:24 -07:00
safesetid LSM: SafeSetID: Fix warnings reported by test bot 2020-10-13 09:17:36 -07:00
selinux idmapped-mounts-v5.12 2021-02-23 13:39:45 -08:00
smack idmapped-mounts-v5.12 2021-02-23 13:39:45 -08:00
tomoyo tomoyo: recognize kernel threads correctly 2021-02-01 11:53:05 +09:00
yama task_work: cleanup notification modes 2020-10-17 15:05:30 -06:00
commoncap.c Revert 95ebabde38 ("capabilities: Don't allow writing ambiguous v3 file capabilities") 2021-03-12 15:27:14 -06:00
device_cgroup.c device_cgroup: Fix RCU list debugging warning 2020-08-20 11:25:03 -07:00
inode.c Merge branch 'work.mount0' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2019-07-19 10:42:02 -07:00
Kconfig Replace HTTP links with HTTPS ones: security 2020-08-06 12:00:05 -07:00
Kconfig.hardening security: allow using Clang's zero initialization for stack variables 2020-06-16 02:06:23 -07:00
lsm_audit.c make dump_common_audit_data() safe to be called from RCU pathwalk 2021-01-16 15:12:08 -05:00
Makefile device_cgroup: Cleanup cgroup eBPF device filter code 2020-04-13 14:41:54 -04:00
min_addr.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
security.c idmapped-mounts-v5.12 2021-02-23 13:39:45 -08:00