From: Daniel Hokka Zakrisson <dhokka@cs.princeton.edu>
Date: Fri, 9 Jan 2009 20:35:45 +0000 (+0000)
Subject: Make sure only root in guests can write to /proc.
X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=d5caa748e69ae7020e7b8094b44e4b97174f6aa7;p=linux-2.6.git

Make sure only root in guests can write to /proc.
---

diff --git a/linux-2.6-700-fperm.patch b/linux-2.6-700-fperm.patch
index 50bdfd24d..cd6669fb7 100644
--- a/linux-2.6-700-fperm.patch
+++ b/linux-2.6-700-fperm.patch
@@ -82,7 +82,7 @@ diff -Nurp linux-2.6.22-690/fs/namei.c linux-2.6.22-700/fs/namei.c
 +
 +			if (vx_check(0, VS_ADMIN | VS_WATCH_P) ||
 +			    vx_flags(VXF_STATE_SETUP, 0) ||
-+			    vx_ccaps(VXC_PROC_WRITE))
++			    vx_capable(CAP_SYS_ADMIN, VXC_PROC_WRITE))
 +				return 0;
 +
 +			pid = PROC_I(inode)->pid;