diff options
author | trasz <trasz@FreeBSD.org> | 2009-05-24 19:21:49 +0000 |
---|---|---|
committer | trasz <trasz@FreeBSD.org> | 2009-05-24 19:21:49 +0000 |
commit | 65e538f91c24b2aa809442ae16fcbabef86e8f16 (patch) | |
tree | 0593958adc91c4e64f9c692141207f0abe93b5da /sys/cddl | |
parent | c220cf0c33f657989fce4ecabdeaa9d485b4f67d (diff) | |
download | FreeBSD-src-65e538f91c24b2aa809442ae16fcbabef86e8f16.zip FreeBSD-src-65e538f91c24b2aa809442ae16fcbabef86e8f16.tar.gz |
Don't allow non-owner to set SUID bit on a file. It doesn't make
any difference now, but in NFSv4 ACLs, there is write_acl permission,
which also affects mode changes.
Reviewed by: pjd
Diffstat (limited to 'sys/cddl')
-rw-r--r-- | sys/cddl/compat/opensolaris/kern/opensolaris_policy.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c b/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c index 25c736e..cedf335 100644 --- a/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c +++ b/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c @@ -302,6 +302,14 @@ secpolicy_setid_setsticky_clear(struct vnode *vp, struct vattr *vap, if (error) return (error); } + /* + * Deny setting setuid if we are not the file owner. + */ + if ((vap->va_mode & S_ISUID) && ovap->va_uid != cred->cr_uid) { + error = priv_check_cred(cred, PRIV_VFS_ADMIN, 0); + if (error) + return (error); + } return (0); } |