diff options
author | guido <guido@FreeBSD.org> | 1997-10-15 18:28:34 +0000 |
---|---|---|
committer | guido <guido@FreeBSD.org> | 1997-10-15 18:28:34 +0000 |
commit | 9bb743990ae36f54c48a20758ce0fa2eff9bd954 (patch) | |
tree | f27a8b5c906b09522a4a00a595bc2a3c1bf919a3 /sys/kern/kern_exec.c | |
parent | fe54436c76fe2cc4162bb2ea349f5147bc8eadd3 (diff) | |
download | FreeBSD-src-9bb743990ae36f54c48a20758ce0fa2eff9bd954.zip FreeBSD-src-9bb743990ae36f54c48a20758ce0fa2eff9bd954.tar.gz |
On execing a sgid program, do not set P_SUGID when cr_gid and cr)_uid
do not change.
PR: 4755
Reviewed by: Bruce Evans
Diffstat (limited to 'sys/kern/kern_exec.c')
-rw-r--r-- | sys/kern/kern_exec.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index 29a53d1..d72d3ab 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: kern_exec.c,v 1.65 1997/09/02 20:05:38 bde Exp $ + * $Id: kern_exec.c,v 1.66 1997/09/21 04:22:50 dyson Exp $ */ #include <sys/param.h> @@ -293,7 +293,8 @@ interpret: * Don't honor setuid/setgid if the filesystem prohibits it or if * the process is being traced. */ - if ((attr.va_mode & (VSUID | VSGID)) && + if ((attr.va_mode & VSUID && p->p_ucred->cr_uid != attr.va_uid || + attr.va_mode & VSGID && p->p_ucred->cr_gid != attr.va_gid) && (imgp->vp->v_mount->mnt_flag & MNT_NOSUID) == 0 && (p->p_flag & P_TRACED) == 0) { /* @@ -312,7 +313,7 @@ interpret: if (attr.va_mode & VSUID) p->p_ucred->cr_uid = attr.va_uid; if (attr.va_mode & VSGID) - p->p_ucred->cr_groups[0] = attr.va_gid; + p->p_ucred->cr_gid = attr.va_gid; p->p_flag |= P_SUGID; } else { if (p->p_ucred->cr_uid == p->p_cred->p_ruid && |