HomeFreeBSD
Diffusion FreeBSD src repository 2d23f6c33431

copy_file_range: require CAP_SEEK capability
2d23f6c33431
Actions

Description

copy_file_range: require CAP_SEEK capability

When using copy_file_range(2) with an offset parameter,
the CAP_SEEK capability should be required.
This requirement is similar to the behavior observed with
pread(2)/pwrite(2).

Reported by: theraven
Reviewed by: emaste, theraven, kib, markj
Approved by: so
Security: FreeBSD-SA-23:13.capsicum
Security: CVE-2023-5369
Differential Revision: https://reviews.freebsd.org/D41967

(cherry picked from commit 15a51d3abaef27ddea66320cac7caa549738a1a6)
(cherry picked from commit 3f0ce63828dc3d4030b32ad0effb4e588af49c03)

Details

Provenance
oshogboAuthored on Sep 28 2023, 1:24 PM
gordonCommitted on Oct 3 2023, 9:24 PM
Reviewer
emaste
Differential Revision
D41967: copy_file_range: fix capabilities premissions
Parents
rG7d08a7e6908b: msdosfs: zero partially valid extended cluster
Branches
Unknown
Tags
Unknown

Changes (1)

PathSize
sys/
kern/

rG2d23f6c33431

View Options

sys/kern/vfs_syscalls.c

Loading...