Move setugid() a little sooner to before we release tracing in case

crdup() or change_e*id() block on malloc() or mutex.
author: peter <peter@FreeBSD.org> 2001-06-16 23:34:23 +0000
committer: peter <peter@FreeBSD.org> 2001-06-16 23:34:23 +0000
commit: e05ff7e2d64783593e0782263ddea331dac375bb (patch)
tree: dfb6db054e876ad149c8ef92562a4643d152e188 /sys
parent: 59b4b8de49cd3b6f902e0b56d18e6b531a53d306 (diff)
download: FreeBSD-src-e05ff7e2d64783593e0782263ddea331dac375bb.zip
FreeBSD-src-e05ff7e2d64783593e0782263ddea331dac375bb.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c
index 0d7da41..ec663a6 100644
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@@ -298,8 +298,10 @@ interpret:
 		PROC_UNLOCK(p);
 		/*
 		 * Turn off syscall tracing for set-id programs, except for
-		 * root.
+		 * root.  Record any set-id flags first to make sure that
+		 * we do not regain any tracing during a possible block.
 		 */
+		setsugid(p);
 		if (p->p_tracep && suser_xxx(oldcred, NULL, PRISON_ROOT)) {
 			p->p_traceflag = 0;
 			vrele(p->p_tracep);
@@ -313,7 +315,6 @@ interpret:
 			change_euid(newcred, attr.va_uid);
 		if (attr.va_mode & VSGID)
 			change_egid(newcred, attr.va_gid);
-		setsugid(p);
 		setugidsafety(p);
 	} else {
 		if (oldcred->cr_uid == oldcred->cr_ruid &&
author	peter <peter@FreeBSD.org>	2001-06-16 23:34:23 +0000
committer	peter <peter@FreeBSD.org>	2001-06-16 23:34:23 +0000
commit	e05ff7e2d64783593e0782263ddea331dac375bb (patch)
tree	dfb6db054e876ad149c8ef92562a4643d152e188 /sys
parent	59b4b8de49cd3b6f902e0b56d18e6b531a53d306 (diff)
download	FreeBSD-src-e05ff7e2d64783593e0782263ddea331dac375bb.zip FreeBSD-src-e05ff7e2d64783593e0782263ddea331dac375bb.tar.gz