diff options
author | rwatson <rwatson@FreeBSD.org> | 2002-07-27 18:06:49 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2002-07-27 18:06:49 +0000 |
commit | 6869b56d0e58b777174ea19b866b5ee458035333 (patch) | |
tree | abf3460c1415aaac7292a1a9b0cd24a5e4142858 /sys/kern/kern_exec.c | |
parent | 2f0789c8efca1c11cc0cea49e7f39f59b738bc5a (diff) | |
download | FreeBSD-src-6869b56d0e58b777174ea19b866b5ee458035333.zip FreeBSD-src-6869b56d0e58b777174ea19b866b5ee458035333.tar.gz |
Slight restructuring of the logic for credential change case identification
during execve() to use a 'credential_changing' variable. This makes it
easier to have outstanding patchsets against this code, as well as to
add conditionally defined clauses.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Diffstat (limited to 'sys/kern/kern_exec.c')
-rw-r--r-- | sys/kern/kern_exec.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index 2ed3839..df6bf3a 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -145,6 +145,7 @@ execve(td, uap) struct vnode *tracevp = NULL; #endif struct vnode *textvp = NULL; + int credential_changing; imgp = &image_params; @@ -378,8 +379,13 @@ interpret: * the process is being traced. */ oldcred = p->p_ucred; - if ((((attr.va_mode & VSUID) && oldcred->cr_uid != attr.va_uid) || - ((attr.va_mode & VSGID) && oldcred->cr_gid != attr.va_gid)) && + credential_changing = 0; + credential_changing |= (attr.va_mode & VSUID) && oldcred->cr_uid != + attr.va_uid; + credential_changing |= (attr.va_mode & VSGID) && oldcred->cr_gid != + attr.va_gid; + + if (credential_changing && (imgp->vp->v_mount->mnt_flag & MNT_NOSUID) == 0 && (p->p_flag & P_TRACED) == 0) { /* |