details: https://anonhg.NetBSD.org/src/rev/8adceb6e2708
branches: netbsd-3
changeset: 577422:8adceb6e2708
user: tron <tron%NetBSD.org@localhost>
date: Mon Oct 31 13:25:31 2005 +0000
description:
Apply patch (requested by dan in ticket #922):
Don't clear unconditionally P_SUGID when we exec. Clear it only when
the real and effective user and group ids match. From Tavis Ormandy.
diffstat:
sys/kern/kern_exec.c | 11 +++++++----
1 files changed, 7 insertions(+), 4 deletions(-)
diffs (32 lines):
diff -r f75c62780d3d -r 8adceb6e2708 sys/kern/kern_exec.c
--- a/sys/kern/kern_exec.c Sun Oct 30 18:19:15 2005 +0000
+++ b/sys/kern/kern_exec.c Mon Oct 31 13:25:31 2005 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: kern_exec.c,v 1.194.4.10 2005/09/18 20:09:50 tron Exp $ */
+/* $NetBSD: kern_exec.c,v 1.194.4.11 2005/10/31 13:25:31 tron Exp $ */
/*-
* Copyright (C) 1993, 1994, 1996 Christopher G. Demetriou
@@ -33,7 +33,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.194.4.10 2005/09/18 20:09:50 tron Exp $");
+__KERNEL_RCSID(0, "$NetBSD: kern_exec.c,v 1.194.4.11 2005/10/31 13:25:31 tron Exp $");
#include "opt_ktrace.h"
#include "opt_syscall_debug.h"
@@ -750,8 +750,11 @@
p->p_ucred->cr_uid = attr.va_uid;
if (attr.va_mode & S_ISGID)
p->p_ucred->cr_gid = attr.va_gid;
- } else
- p->p_flag &= ~P_SUGID;
+ } else {
+ if (p->p_ucred->cr_uid == p->p_cred->p_ruid &&
+ p->p_ucred->cr_gid == p->p_cred->p_rgid)
+ p->p_flag &= ~P_SUGID;
+ }
p->p_cred->p_svuid = p->p_ucred->cr_uid;
p->p_cred->p_svgid = p->p_ucred->cr_gid;