summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorprovos <provos@openbsd.org>2000-11-18 22:16:49 +0000
committerprovos <provos@openbsd.org>2000-11-18 22:16:49 +0000
commitc6dbc6b5aa2067e37c61d5a40e8a1b019d862cb6 (patch)
treea1278e7d122e018319035f24e964f787b1b608cb
parentAdd an example for boot -c. (diff)
downloadwireguard-openbsd-c6dbc6b5aa2067e37c61d5a40e8a1b019d862cb6.tar.xz
wireguard-openbsd-c6dbc6b5aa2067e37c61d5a40e8a1b019d862cb6.zip
better permission check; okay art@, millert@
Diffstat
-rw-r--r--sys/kern/kern_event.c11
1 files changed, 9 insertions, 2 deletions
diff --git a/sys/kern/kern_event.c b/sys/kern/kern_event.c
index 730c5cfc9f2..4c5fed5e9ac 100644
--- a/sys/kern/kern_event.c
+++ b/sys/kern/kern_event.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_event.c,v 1.4 2000/11/17 06:34:23 provos Exp $ */
+/* $OpenBSD: kern_event.c,v 1.5 2000/11/18 22:16:49 provos Exp $ */
/*-
* Copyright (c) 1999,2000 Jonathan Lemon <jlemon@FreeBSD.org>
@@ -200,7 +200,14 @@ filt_procattach(struct knote *kn)
p = pfind(kn->kn_id);
if (p == NULL)
return (ESRCH);
- if (suser(p->p_ucred, &p->p_acflag) != 0)
+
+ /*
+ * Fail if it's not owned by you, or the last exec gave us
+ * setuid/setgid privs (unless you're root).
+ */
+ if ((p->p_cred->p_ruid != curproc->p_cred->p_ruid ||
+ (p->p_flag & P_SUGID)) &&
+ suser(curproc->p_ucred, &curproc->p_acflag) != 0)
return (EACCES);
kn->kn_ptr.p_proc = p;
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.