Don't allow non-owner to set SUID bit on a file. It doesn't make

any difference now, but in NFSv4 ACLs, there is write_acl permission, which also affects mode changes. Reviewed by: pjd
author: trasz <trasz@FreeBSD.org> 2009-05-24 19:21:49 +0000
committer: trasz <trasz@FreeBSD.org> 2009-05-24 19:21:49 +0000
commit: 65e538f91c24b2aa809442ae16fcbabef86e8f16 (patch)
tree: 0593958adc91c4e64f9c692141207f0abe93b5da /sys/cddl
parent: c220cf0c33f657989fce4ecabdeaa9d485b4f67d (diff)
download: FreeBSD-src-65e538f91c24b2aa809442ae16fcbabef86e8f16.zip
FreeBSD-src-65e538f91c24b2aa809442ae16fcbabef86e8f16.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c b/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c
index 25c736e..cedf335 100644
--- a/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c
+++ b/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c
@@ -302,6 +302,14 @@ secpolicy_setid_setsticky_clear(struct vnode *vp, struct vattr *vap,
 		if (error)
 			return (error);
 	}
+	/*
+	 * Deny setting setuid if we are not the file owner.
+	 */
+	if ((vap->va_mode & S_ISUID) && ovap->va_uid != cred->cr_uid) {
+		error = priv_check_cred(cred, PRIV_VFS_ADMIN, 0);
+		if (error)
+			return (error);
+	}
 	return (0);
 }
author	trasz <trasz@FreeBSD.org>	2009-05-24 19:21:49 +0000
committer	trasz <trasz@FreeBSD.org>	2009-05-24 19:21:49 +0000
commit	65e538f91c24b2aa809442ae16fcbabef86e8f16 (patch)
tree	0593958adc91c4e64f9c692141207f0abe93b5da /sys/cddl
parent	c220cf0c33f657989fce4ecabdeaa9d485b4f67d (diff)
download	FreeBSD-src-65e538f91c24b2aa809442ae16fcbabef86e8f16.zip FreeBSD-src-65e538f91c24b2aa809442ae16fcbabef86e8f16.tar.gz