diff options
| author | truckman <truckman@FreeBSD.org> | 1998-11-11 10:04:13 +0000 |
|---|---|---|
| committer | truckman <truckman@FreeBSD.org> | 1998-11-11 10:04:13 +0000 |
| commit | de184682fa22833c7b18a96a136bc031ae786434 (patch) | |
| tree | b9b62a0e361f25bc4ed8f9636cce5f2fd2f12423 /sys/kern/kern_sig.c | |
| parent | 225b2f25416b4a11b425250105d4acbfc5bd5638 (diff) | |
| download | FreeBSD-src-de184682fa22833c7b18a96a136bc031ae786434.zip FreeBSD-src-de184682fa22833c7b18a96a136bc031ae786434.tar.gz | |
Installed the second patch attached to kern/7899 with some changes suggested
by bde, a few other tweaks to get the patch to apply cleanly again and
some improvements to the comments.
This change closes some fairly minor security holes associated with
F_SETOWN, fixes a few bugs, and removes some limitations that F_SETOWN
had on tty devices. For more details, see the description on the PR.
Because this patch increases the size of the proc and pgrp structures,
it is necessary to re-install the includes and recompile libkvm,
the vinum lkm, fstat, gcore, gdb, ipfilter, ps, top, and w.
PR: kern/7899
Reviewed by: bde, elvind
Diffstat (limited to 'sys/kern/kern_sig.c')
| -rw-r--r-- | sys/kern/kern_sig.c | 39 |
1 files changed, 38 insertions, 1 deletions
diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c index 290917a..29bacee 100644 --- a/sys/kern/kern_sig.c +++ b/sys/kern/kern_sig.c @@ -36,7 +36,7 @@ * SUCH DAMAGE. * * @(#)kern_sig.c 8.7 (Berkeley) 4/18/94 - * $Id: kern_sig.c,v 1.47 1998/09/14 23:25:18 jdp Exp $ + * $Id: kern_sig.c,v 1.48 1998/10/21 16:31:38 jdp Exp $ */ #include "opt_compat.h" @@ -86,6 +86,16 @@ SYSCTL_INT(_kern, KERN_LOGSIGEXIT, logsigexit, CTLFLAG_RW, &kern_logsigexit, 0, (pc)->pc_ucred->cr_uid == (q)->p_ucred->cr_uid || \ ((signum) == SIGCONT && (q)->p_session == (p)->p_session)) +/* + * Policy -- Can real uid ruid with ucred uc send a signal to process q? + */ +#define CANSIGIO(ruid, uc, q) \ + ((uc)->cr_uid == 0 || \ + (ruid) == (q)->p_cred->p_ruid || \ + (uc)->cr_uid == (q)->p_cred->p_ruid || \ + (ruid) == (q)->p_ucred->cr_uid || \ + (uc)->cr_uid == (q)->p_ucred->cr_uid) + int sugid_coredump; SYSCTL_INT(_kern, OID_AUTO, sugid_coredump, CTLFLAG_RW, &sugid_coredump, 0, ""); @@ -1344,3 +1354,30 @@ nosys(p, args) psignal(p, SIGSYS); return (EINVAL); } + +/* + * Send a signal to a SIGIO or SIGURG to a process or process group using + * stored credentials rather than those of the current process. + */ +void +pgsigio(sigio, signum, checkctty) + struct sigio *sigio; + int signum, checkctty; +{ + if (sigio == NULL) + return; + + if (sigio->sio_pgid > 0) { + if (CANSIGIO(sigio->sio_ruid, sigio->sio_ucred, + sigio->sio_proc)) + psignal(sigio->sio_proc, signum); + } else if (sigio->sio_pgid < 0) { + struct proc *p; + + for (p = sigio->sio_pgrp->pg_members.lh_first; p != NULL; + p = p->p_pglist.le_next) + if (CANSIGIO(sigio->sio_ruid, sigio->sio_ucred, p) && + (checkctty == 0 || (p->p_flag & P_CONTROLT))) + psignal(p, signum); + } +} |
