author | joerg <joerg@FreeBSD.org> | 1997-03-15 10:39:12 +0000 |
---|---|---|
committer | joerg <joerg@FreeBSD.org> | 1997-03-15 10:39:12 +0000 |
commit | 5f33cfa082e76c89628736a49dbc10b349107431 (patch) | |
tree | 1cd244b10b4b7e3c7faea3aeea54360bcbc548c0 /usr.bin/ktrace/ktrace.c | |
parent | 89d72dfcbf3a8f896cec2ddd5e83f384194181e7 (diff) | |
Fix a security problem where the ktrace.out file could have been written
over a file owned by someone else.
Pointed out by: wosch
Reviewed by: sef, imp, proff@suburbia.net, bde
Diffstat (limited to 'usr.bin/ktrace/ktrace.c')
-rw-r--r-- | usr.bin/ktrace/ktrace.c | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/usr.bin/ktrace/ktrace.c b/usr.bin/ktrace/ktrace.c
index 10db42e..8ff4d69 100644
--- a/usr.bin/ktrace/ktrace.c
+++ b/usr.bin/ktrace/ktrace.c
@@ -42,7 +42,7 @@ static char copyright[] =
 static char sccsid[] = "@(#)ktrace.c 8.1 (Berkeley) 6/6/93";
 #endif
 static const char rcsid[] =
- "$Id$";
+ "$Id: ktrace.c,v 1.8 1997/02/22 19:55:27 peter Exp $";
 #endif /* not lint */
 #include <sys/param.h>
@@ -72,6 +72,7 @@ main(argc, argv)
 int append, ch, fd, inherit, ops, pid, pidset, trpoints;
 char *tracefile;
 mode_t omask;
+ struct stat sb;
 clear = NOTSET;
 append = ops = pidset = inherit = 0;
@@ -140,9 +141,19 @@ main(argc, argv)
 }
 omask = umask(S_IRWXG|S_IRWXO);
- if ((fd = open(tracefile, O_CREAT | O_WRONLY | (append ? 0 : O_TRUNC),
- DEFFILEMODE)) < 0)
- err(1, tracefile);
+ if (append) {
+ if ((fd = open(tracefile, O_CREAT | O_WRONLY, DEFFILEMODE)) < 0)
+ err(1, tracefile);
+ if (fstat(fd, &sb) != 0 || sb.st_uid != getuid())
+ errx(1, "Refuse to append to %s not owned by you.",
+ tracefile);
+ } else {
+ if (unlink(tracefile) == -1 && errno != ENOENT)
+ err(1, "unlink %s", tracefile);
+ if ((fd = open(tracefile, O_CREAT | O_EXCL | O_WRONLY,
+ DEFFILEMODE)) < 0)
+ err(1, tracefile);
+ }
 (void)umask(omask);
 (void)close(fd); |
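Review bot: In the append branch of the third hunk the ownership test runs on `fd`, but that descriptor is closed two lines later at `(void)close(fd);`, so the check only holds for later use if nothing reopens `tracefile` by name. If tracing is then started by path (that code is outside the hunk, to be confirmed), the file can be replaced between the check and the use when it lives in a directory writable by others. The `open()` in that branch also still follows a symlink before any check has run, and a failing `fstat()` is reported with the ownership message and without errno. I would narrow the test to regular files, `if (fstat(fd, &sb) != 0 || sb.st_uid != getuid() || !S_ISREG(sb.st_mode))`, and add a comment above it such as `/* Ownership is verified on the open descriptor only; the path can change again after close(fd). */`. main() starts and ends outside the hunk.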