From 10d32f7a70eaa6dcc9bd498e4bf78130094d6fdd Mon Sep 17 00:00:00 2001
From: pst <pst@FreeBSD.org>
Date: Thu, 30 May 1996 02:20:10 +0000
Subject: Drop privileges if not using standard namelist or kernel file.
 Submitted by:	smpatel (Sujal Patel)

---
 usr.bin/w/w.c | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'usr.bin/w/w.c')

diff --git a/usr.bin/w/w.c b/usr.bin/w/w.c
index b75f7f4..924ba11 100644
--- a/usr.bin/w/w.c
+++ b/usr.bin/w/w.c
@@ -179,6 +179,13 @@ main(argc, argv)
 	_res.retrans = 2;	/* resolver timeout to 2 seconds per try */
 	_res.retry = 1;		/* only try once.. */
 
+	/*
+	 * Discard setgid privileges if not the running kernel so that bad
+	 * guys can't print interesting stuff from kernel memory.
+	 */
+	if (nlistf != NULL || memf != NULL)
+		setgid(getgid());
+
 	if ((kd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, errbuf)) == NULL)
 		errx(1, "%s", errbuf);
 
-- 
cgit v1.1