diff options
| author |   deraadt <deraadt@openbsd.org> | 2015-08-31 16:13:11 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2015-08-31 16:13:11 +0000 |
| commit | e0278768757ba68c6cc7b76fa2f94c87b6cd1a22 (patch) | |
| tree | 153281acadbaa0de00b2c523485180f129da9136 | |
| parent | Rather than killing when *chmod is asked to do setuid/setgid, clear (diff) | |
| download | wireguard-openbsd-e0278768757ba68c6cc7b76fa2f94c87b6cd1a22.tar.xz wireguard-openbsd-e0278768757ba68c6cc7b76fa2f94c87b6cd1a22.zip | |
In tame mode, return EPERM for *chown if uid/gid change is not towards
cr_uid/cr_gid (effective ids). Thus, chown(, -1,-1) should work OK, so
should chown(, me, -1), etc. With this commited, more people can test.
| -rw-r--r-- | sys/kern/vfs_syscalls.c | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index e9b6086638f..0636ee5cc63 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vfs_syscalls.c,v 1.226 2015/08/31 16:07:12 deraadt Exp $ */ +/* $OpenBSD: vfs_syscalls.c,v 1.227 2015/08/31 16:13:11 deraadt Exp $ */ /* $NetBSD: vfs_syscalls.c,v 1.71 1996/04/23 10:29:02 mycroft Exp $ */ /* @@ -2102,8 +2102,14 @@ dofchownat(struct proc *p, int fd, const char *path, uid_t uid, gid_t gid, if (vp->v_mount->mnt_flag & MNT_RDONLY) error = EROFS; else { + if ((p->p_p->ps_flags & PS_TAMED) && + ((uid != -1 && uid != p->p_ucred->cr_uid) || + (gid != -1 && gid != p->p_ucred->cr_gid))) { + error = EPERM; + goto out; + } if ((uid != -1 || gid != -1) && - (suser(p, 0) || (p->p_p->ps_flags & PS_TAMED) || suid_clear)) { + (suser(p, 0) || suid_clear)) { error = VOP_GETATTR(vp, &vattr, p->p_ucred, p); if (error) goto out; @@ -2152,8 +2158,14 @@ sys_lchown(struct proc *p, void *v, register_t *retval) if (vp->v_mount->mnt_flag & MNT_RDONLY) error = EROFS; else { + if ((p->p_p->ps_flags & PS_TAMED) && + ((uid != -1 && uid != p->p_ucred->cr_uid) || + (gid != -1 && gid != p->p_ucred->cr_gid))) { + error = EPERM; + goto out; + } if ((uid != -1 || gid != -1) && - (suser(p, 0) || (p->p_p->ps_flags & PS_TAMED) || suid_clear)) { + (suser(p, 0) || suid_clear)) { error = VOP_GETATTR(vp, &vattr, p->p_ucred, p); if (error) goto out; @@ -2200,8 +2212,14 @@ sys_fchown(struct proc *p, void *v, register_t *retval) if (vp->v_mount->mnt_flag & MNT_RDONLY) error = EROFS; else { + if ((p->p_p->ps_flags & PS_TAMED) && + ((uid != -1 && uid != p->p_ucred->cr_uid) || + (gid != -1 && gid != p->p_ucred->cr_gid))) { + error = EPERM; + goto out; + } if ((uid != -1 || gid != -1) && - (suser(p, 0) || (p->p_p->ps_flags & PS_TAMED) || suid_clear)) { + (suser(p, 0) || suid_clear)) { error = VOP_GETATTR(vp, &vattr, p->p_ucred, p); if (error) goto out; |