diff options
author | avg <avg@FreeBSD.org> | 2012-10-06 19:23:44 +0000 |
---|---|---|
committer | avg <avg@FreeBSD.org> | 2012-10-06 19:23:44 +0000 |
commit | 457ded9997f94bfa47db9f77bed1c32d3c6fee00 (patch) | |
tree | 9652d607feef27f1e8ee67145ea20183aab70f00 /sys/kern/kern_exec.c | |
parent | e4499a4b008eb0276bbaa4ed92d2af5e023c8fb6 (diff) | |
download | FreeBSD-src-457ded9997f94bfa47db9f77bed1c32d3c6fee00.zip FreeBSD-src-457ded9997f94bfa47db9f77bed1c32d3c6fee00.tar.gz |
ktrace/kern_exec: check p_tracecred instead of p_cred
.. when deciding whether to continue tracing across suid/sgid exec.
Otherwise if root ktrace-d an unprivileged process and the processed
exec-ed a suid program, then tracing didn't continue across exec.
Reviewed by: bde, kib
MFC after: 22 days
Diffstat (limited to 'sys/kern/kern_exec.c')
-rw-r--r-- | sys/kern/kern_exec.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index eff0f83..22c53a5 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -691,7 +691,8 @@ interpret: setsugid(p); #ifdef KTRACE - if (priv_check_cred(oldcred, PRIV_DEBUG_DIFFCRED, 0)) + if (p->p_tracecred != NULL && + priv_check_cred(p->p_tracecred, PRIV_DEBUG_DIFFCRED, 0)) ktrprocexec(p, &tracecred, &tracevp); #endif /* |