diff options
| author |   deraadt <deraadt@openbsd.org> | 1997-08-01 22:54:49 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 1997-08-01 22:54:49 +0000 |
| commit | 3bc0062f3839f08669e1eada52e8c31f49d51a7c (patch) | |
| tree | c4a52be94a365d9ab066e76c99687ca0e90b1b62 | |
| parent | updates for 3.11 (diff) | |
| download | wireguard-openbsd-3bc0062f3839f08669e1eada52e8c31f49d51a7c.tar.xz wireguard-openbsd-3bc0062f3839f08669e1eada52e8c31f49d51a7c.zip | |
only allow setuid if fd_refcnt == 1, due to rfork
| -rw-r--r-- | sys/kern/kern_exec.c | 5 | ||||
| -rw-r--r-- | sys/kern/kern_fork.c | 4 |
2 files changed, 4 insertions, 5 deletions
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index afef8c589d9..4dfb48a0e9c 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_exec.c,v 1.11 1997/06/05 08:05:54 deraadt Exp $ */ +/* $OpenBSD: kern_exec.c,v 1.12 1997/08/01 22:54:50 deraadt Exp $ */ /* $NetBSD: kern_exec.c,v 1.75 1996/02/09 18:59:28 christos Exp $ */ /*- @@ -124,7 +124,8 @@ check_exec(p, epp) error = EACCES; goto bad1; } - if ((vp->v_mount->mnt_flag & MNT_NOSUID) || (p->p_flag & P_TRACED)) + if ((vp->v_mount->mnt_flag & MNT_NOSUID) || + (p->p_flag & P_TRACED) || p->p_fd->fd_refcnt > 1) epp->ep_vap->va_mode &= ~(VSUID | VSGID); /* check access. for root we have to see if any exec bit on */ diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c index f87e27995c7..c0b75327368 100644 --- a/sys/kern/kern_fork.c +++ b/sys/kern/kern_fork.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_fork.c,v 1.10 1997/08/01 21:59:13 deraadt Exp $ */ +/* $OpenBSD: kern_fork.c,v 1.11 1997/08/01 22:54:49 deraadt Exp $ */ /* $NetBSD: kern_fork.c,v 1.29 1996/02/09 18:59:34 christos Exp $ */ /* @@ -130,8 +130,6 @@ fork1(p1, forktype, rforkflags, retval) return (EINVAL); /* XXX unimplimented */ if (rforkflags & RFCFDG) cleanfd = 1; - if (dupfd == 0) - return (EPERM); } /* |