diff options
author | imp <imp@FreeBSD.org> | 2000-01-20 07:12:52 +0000 |
---|---|---|
committer | imp <imp@FreeBSD.org> | 2000-01-20 07:12:52 +0000 |
commit | 4e884c480a19cc6a6050ee1e47f54fbc3cab11a0 (patch) | |
tree | a932b8403236cd665adfcbef5120f67fe7ae7311 /sys/kern/kern_exec.c | |
parent | 9f8d2f98a9105f3cabe07761127520e7d4940043 (diff) | |
download | FreeBSD-src-4e884c480a19cc6a6050ee1e47f54fbc3cab11a0.zip FreeBSD-src-4e884c480a19cc6a6050ee1e47f54fbc3cab11a0.tar.gz |
When we are execing a setugid program, and we have a procfs filesystem
file open in one of the special file descriptors (0, 1, or 2), close
it before completing the exec.
Submitted by: nergal@idea.avet.com.pl
Constructive comments: deraadt@openbsd.org, sef, peter, jkh
Diffstat (limited to 'sys/kern/kern_exec.c')
-rw-r--r-- | sys/kern/kern_exec.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index cceadb1..ba88695 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -289,6 +289,7 @@ interpret: if (attr.va_mode & VSGID) p->p_ucred->cr_gid = attr.va_gid; setsugid(p); + setugidsafety(p); } else { if (p->p_ucred->cr_uid == p->p_cred->p_ruid && p->p_ucred->cr_gid == p->p_cred->p_rgid) |