--wRRV7LY7NUeQGEoC
Content-Type: text/plain; charset=us-ascii

Hi,
For security reasons (see tech-security, it's possible to create or ovveride
a file using a bug in find and symbolic links), I'd like to prevent core
dumps from following symlinks or overrinding existing files.
Patch appended below. If noone object I'll commit this tomorow and
request a pullup for 1.4.

I checked that this does the rigth thing, that is no coredump is created
if file exists (even if it's a symlink which doesn't point to anything),
but it is otherwise.

--
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
--



--wRRV7LY7NUeQGEoC
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=diff

Index: kern_sig.c
===================================================================
RCS file: /cvsroot/syssrc/sys/kern/kern_sig.c,v
retrieving revision 1.92
diff -u -r1.92 kern_sig.c
--- kern_sig.c	1999/07/25 06:30:34	1.92
+++ kern_sig.c	1999/08/27 10:29:24
@@ -1297,7 +1297,12 @@
 		sprintf(name, "core");
 	else
 		sprintf(name, "%s.core", p->p_comm);
-	NDINIT(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, name, p);
+	NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, name, p);
+	error = namei(&nd);
+	if (error == 0)
+		return EEXIST;
+	if (error != ENOENT)
+		return error;
 	error = vn_open(&nd, O_CREAT | FWRITE, S_IRUSR | S_IWUSR);
 	if (error)
 		return (error);

--wRRV7LY7NUeQGEoC--