o Tighten up rules for which processes can't debug which other processes

in the p_candebug() function. Synchronize with sef's CHECKIO() macro from the old procfs, which seems to be a good source of security checks. Obtained from: TrustedBSD Project
author: rwatson <rwatson@FreeBSD.org> 2000-10-30 20:30:03 +0000
committer: rwatson <rwatson@FreeBSD.org> 2000-10-30 20:30:03 +0000
commit: 356ee2efc80ed7e140746c3ea88152b63c760698 (patch)
tree: b63657d7d785d48ca32fb8e3c546b95b0af942b7
parent: 4b00fdc3f68ef3b5b444b55f6c45e6c426c4262d (diff)
download: FreeBSD-src-356ee2efc80ed7e140746c3ea88152b63c760698.zip
FreeBSD-src-356ee2efc80ed7e140746c3ea88152b63c760698.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index ee66924..744ac72 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -1082,8 +1082,10 @@ p_candebug(const struct proc *p1, const struct proc *p2, int *privused)
 
 	/* not owned by you, has done setuid (unless you're root) */
 	/* add a CAP_SYS_PTRACE here? */
-	if ((p1->p_cred->p_ruid != p2->p_cred->p_ruid) ||
-	    (p2->p_flag & P_SUGID)) {
+	if (p1->p_cred->pc_ucred->cr_uid != p2->p_cred->p_ruid ||
+	    p1->p_cred->p_ruid != p2->p_cred->p_ruid ||
+	    p1->p_cred->p_svuid == p2->p_cred->p_ruid ||
+	    p2->p_flag & P_SUGID) {
 		if ((error = suser_xxx(0, p1, PRISON_ROOT)))
 			return (error);
 		if (privused != NULL)
author	rwatson <rwatson@FreeBSD.org>	2000-10-30 20:30:03 +0000
committer	rwatson <rwatson@FreeBSD.org>	2000-10-30 20:30:03 +0000
commit	356ee2efc80ed7e140746c3ea88152b63c760698 (patch)
tree	b63657d7d785d48ca32fb8e3c546b95b0af942b7
parent	4b00fdc3f68ef3b5b444b55f6c45e6c426c4262d (diff)
download	FreeBSD-src-356ee2efc80ed7e140746c3ea88152b63c760698.zip FreeBSD-src-356ee2efc80ed7e140746c3ea88152b63c760698.tar.gz