diff options
author | peter <peter@FreeBSD.org> | 1997-04-02 17:05:49 +0000 |
---|---|---|
committer | peter <peter@FreeBSD.org> | 1997-04-02 17:05:49 +0000 |
commit | 4ff904472507a94dcfb8a9fbf4ee03cdec64f333 (patch) | |
tree | 4ff058c08c3964cdac5ef36cd87fa52250feced3 /sys | |
parent | 4632df0ca9efba4c9d641dd32b88c318b191f9d1 (diff) | |
download | FreeBSD-src-4ff904472507a94dcfb8a9fbf4ee03cdec64f333.zip FreeBSD-src-4ff904472507a94dcfb8a9fbf4ee03cdec64f333.tar.gz |
Don't incorrectly set P_SUGID in setre[ug]id() for no reason, as noticed
by bde.
Don't return EPERM in setre[ug]id() just because the caller passes in
the current effective id in the second arg (ie: no change), as suggested
by ache.
Diffstat (limited to 'sys')
-rw-r--r-- | sys/kern/kern_prot.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index d1c4db4..27db363 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -36,7 +36,7 @@ * SUCH DAMAGE. * * @(#)kern_prot.c 8.6 (Berkeley) 1/21/94 - * $Id: kern_prot.c,v 1.30 1997/03/31 13:47:00 peter Exp $ + * $Id: kern_prot.c,v 1.31 1997/03/31 15:13:33 peter Exp $ */ /* @@ -612,7 +612,8 @@ setreuid(p, uap, retval) ruid = uap->ruid; euid = uap->euid; if ((ruid != (uid_t)-1 && ruid != pc->p_ruid && ruid != pc->p_svuid || - euid != (uid_t)-1 && euid != pc->p_ruid && euid != pc->p_svuid) && + euid != (uid_t)-1 && euid != pc->pc_ucred->cr_uid && + euid != pc->p_ruid && euid != pc->p_svuid) && (error = suser(pc->pc_ucred, &p->p_acflag))) return (error); @@ -627,7 +628,8 @@ setreuid(p, uap, retval) pc->p_ruid = ruid; p->p_flag |= P_SUGID; } - if (ruid != (uid_t)-1 || pc->pc_ucred->cr_uid != pc->p_ruid) { + if ((ruid != (uid_t)-1 || pc->pc_ucred->cr_uid != pc->p_ruid) && + pc->p_svuid != pc->pc_ucred->cr_uid) { pc->p_svuid = pc->pc_ucred->cr_uid; p->p_flag |= P_SUGID; } @@ -654,7 +656,8 @@ setregid(p, uap, retval) rgid = uap->rgid; egid = uap->egid; if ((rgid != (gid_t)-1 && rgid != pc->p_rgid && rgid != pc->p_svgid || - egid != (gid_t)-1 && egid != pc->p_rgid && egid != pc->p_svgid) && + egid != (gid_t)-1 && egid != pc->pc_ucred->cr_groups[0] && + egid != pc->p_rgid && egid != pc->p_svgid) && (error = suser(pc->pc_ucred, &p->p_acflag))) return (error); @@ -667,7 +670,8 @@ setregid(p, uap, retval) pc->p_rgid = rgid; p->p_flag |= P_SUGID; } - if (rgid != (gid_t)-1 || pc->pc_ucred->cr_groups[0] != pc->p_rgid) { + if ((rgid != (gid_t)-1 || pc->pc_ucred->cr_groups[0] != pc->p_rgid) && + pc->p_svgid != pc->pc_ucred->cr_groups[0]) { pc->p_svgid = pc->pc_ucred->cr_groups[0]; p->p_flag |= P_SUGID; } |