Drop privileges if we're not reading standard kernel file or namelist.

Submitted by: smpatel (Sujal Patel)
author: pst <pst@FreeBSD.org> 1996-05-30 02:18:44 +0000
committer: pst <pst@FreeBSD.org> 1996-05-30 02:18:44 +0000
commit: 9d48774924c95a2336d377163cfee753ae3d2549 (patch)
tree: 1e97cf6b0399d73829f5a8315c6ea65afda4bdfc /usr.bin/ipcs
parent: cd113d77ab85db7f63be66c81a4eb642746aa284 (diff)
download: FreeBSD-src-9d48774924c95a2336d377163cfee753ae3d2549.zip
FreeBSD-src-9d48774924c95a2336d377163cfee753ae3d2549.tar.gz
1 files changed, 9 insertions, 1 deletions
diff --git a/usr.bin/ipcs/ipcs.c b/usr.bin/ipcs/ipcs.c
index cd4e5cc..a755b91 100644
--- a/usr.bin/ipcs/ipcs.c
+++ b/usr.bin/ipcs/ipcs.c
@@ -24,7 +24,7 @@
  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
- *	$Id: ipcs.c,v 1.3 1994/09/19 10:24:38 davidg Exp $
+ *	$Id: ipcs.c,v 1.4 1995/07/12 19:10:17 bde Exp $
  */
 
 #include <stdio.h>
@@ -185,6 +185,14 @@ main(argc, argv)
 		default:
 			usage();
 		}
+
+	/*
+	 * Discard setgid privileges if not the running kernel so that bad
+	 * guys can't print interesting stuff from kernel memory.
+	 */
+	if (namelist != NULL || core != NULL)
+		setgid(getgid());
+
 	if ((kd = kvm_open(namelist, core, NULL, O_RDONLY, "ipcs")) == NULL)
 		exit(1);
author	pst <pst@FreeBSD.org>	1996-05-30 02:18:44 +0000
committer	pst <pst@FreeBSD.org>	1996-05-30 02:18:44 +0000
commit	9d48774924c95a2336d377163cfee753ae3d2549 (patch)
tree	1e97cf6b0399d73829f5a8315c6ea65afda4bdfc /usr.bin/ipcs
parent	cd113d77ab85db7f63be66c81a4eb642746aa284 (diff)
download	FreeBSD-src-9d48774924c95a2336d377163cfee753ae3d2549.zip FreeBSD-src-9d48774924c95a2336d377163cfee753ae3d2549.tar.gz