diff options
| author |   takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-11-02 11:07:33 +0900 |
|---|---|---|
| committer | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-11-02 11:07:33 +0900 |
| commit | 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf (patch) | |
| tree | cd70a267a5ef105ba32f200aa088e281fbd85747 /bsp/meta-renesas/meta-rcar-gen3/recipes-core/systemd/systemd/add-non-owned-item-for-safe-transitioning.patch | |
| parent | 4204309872da5cb401cbb2729d9e2d4869a87f42 (diff) | |
basesystem-jjsandbox/ToshikazuOhiwa/master-jj
recipes
Diffstat (limited to 'bsp/meta-renesas/meta-rcar-gen3/recipes-core/systemd/systemd/add-non-owned-item-for-safe-transitioning.patch')
| -rw-r--r-- | bsp/meta-renesas/meta-rcar-gen3/recipes-core/systemd/systemd/add-non-owned-item-for-safe-transitioning.patch | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/bsp/meta-renesas/meta-rcar-gen3/recipes-core/systemd/systemd/add-non-owned-item-for-safe-transitioning.patch b/bsp/meta-renesas/meta-rcar-gen3/recipes-core/systemd/systemd/add-non-owned-item-for-safe-transitioning.patch new file mode 100644 index 00000000..631db30e --- /dev/null +++ b/bsp/meta-renesas/meta-rcar-gen3/recipes-core/systemd/systemd/add-non-owned-item-for-safe-transitioning.patch @@ -0,0 +1,14 @@ +diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c +index b2ac648..553a77a 100644 +--- a/src/basic/fs-util.c ++++ b/src/basic/fs-util.c +@@ -668,6 +668,9 @@ static bool unsafe_transition(const struct stat *a, const struct stat *b) { + if (a->st_uid == 0) /* Transitioning from privileged to unprivileged is always fine */ + return false; + ++ if (b->st_uid == 65534) /* Transitioning to a non-owned is OK too */ ++ return false; ++ + return a->st_uid != b->st_uid; /* Otherwise we need to stay within the same UID */ + } + |