From 2af96e689ce0de14ee79eef20ace76145bb8112d Mon Sep 17 00:00:00 2001 From: dg Date: Mon, 17 Feb 1997 10:58:46 +0000 Subject: Pass P_SUGID on to the child of a fork(). It was possible to get rlogin to coredump previously since it (somewhat uniquely) is setuid and forks without execing, and thus without passing P_SUGID the child could coredump and possibly divulge sensitive information (such as encrypted passwords from the passwd database). --- sys/kern/kern_fork.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'sys') diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c index 0de5272..40f12f3 100644 --- a/sys/kern/kern_fork.c +++ b/sys/kern/kern_fork.c @@ -275,6 +275,10 @@ again: p2->p_limit->p_refcnt++; } + /* + * Preserve some flags in subprocess. + */ + p2->p_flag |= p1->p_flag & P_SUGID; if (p1->p_session->s_ttyvp != NULL && p1->p_flag & P_CONTROLT) p2->p_flag |= P_CONTROLT; if (flags & RFPPWAIT) -- cgit v1.1