diff options
author | des <des@FreeBSD.org> | 2002-02-18 21:41:11 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2002-02-18 21:41:11 +0000 |
commit | 364e5bfeb67226e5ae5ead5ffd5deac0095e2c25 (patch) | |
tree | cf10fd83ad3334950a4e4c7d791841ccefa9efff /sys/fs/procfs | |
parent | 2a55b689edfa9c7265a5653074a29f94fb285d4f (diff) | |
download | FreeBSD-src-364e5bfeb67226e5ae5ead5ffd5deac0095e2c25.zip FreeBSD-src-364e5bfeb67226e5ae5ead5ffd5deac0095e2c25.tar.gz |
Paranoia: if the process is setugid, set all sensitive files mode 0.
Diffstat (limited to 'sys/fs/procfs')
-rw-r--r-- | sys/fs/procfs/procfs.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/sys/fs/procfs/procfs.c b/sys/fs/procfs/procfs.c index 76c128f..6d6162e 100644 --- a/sys/fs/procfs/procfs.c +++ b/sys/fs/procfs/procfs.c @@ -94,7 +94,9 @@ int procfs_attr(PFS_ATTR_ARGS) { /* XXX inefficient, split into separate functions */ - if (strcmp(pn->pn_name, "ctl") == 0 || + if (p->p_flag & P_SUGID) + vap->va_mode = 0; + else if (strcmp(pn->pn_name, "ctl") == 0 || strcmp(pn->pn_name, "note") == 0 || strcmp(pn->pn_name, "notepg") == 0) vap->va_mode = 0200; |