diff options
author | Robert Watson <rwatson@FreeBSD.org> | 2001-05-17 21:48:44 +0000 |
---|---|---|
committer | Robert Watson <rwatson@FreeBSD.org> | 2001-05-17 21:48:44 +0000 |
commit | 6bd1912df4487da7e6f419bc2f0e2d09afebae28 (patch) | |
tree | 1d0f08cb2a73f392fd761fbf2c1eec459547a4dd /sys/kern/kern_prot.c | |
parent | d22e5c3d8919ae96ad54c28d374f413c1c923f29 (diff) | |
download | src-6bd1912df4487da7e6f419bc2f0e2d09afebae28.tar.gz src-6bd1912df4487da7e6f419bc2f0e2d09afebae28.zip |
o Modify access control checks in p_candebug() such that the policy is as
follows: the effective uid of p1 (subject) must equal the real, saved,
and effective uids of p2 (object), p2 must not have undergone a
credential downgrade. A subject with appropriate privilege may override
these protections.
In the future, we will extend these checks to require that p1 effective
group membership must be a superset of p2 effective group membership.
Obtained from: TrustedBSD Project
Notes
Notes:
svn path=/head/; revision=76763
Diffstat (limited to 'sys/kern/kern_prot.c')
-rw-r--r-- | sys/kern/kern_prot.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index 127d10c20264..f0b4ff8b11df 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -1178,9 +1178,9 @@ p_candebug(struct proc *p1, struct proc *p2, int *privused) /* not owned by you, has done setuid (unless you're root) */ /* add a CAP_SYS_PTRACE here? */ - if (p1->p_cred->pc_ucred->cr_uid != p2->p_cred->p_ruid || - p1->p_cred->p_ruid != p2->p_cred->p_ruid || - p1->p_cred->p_svuid != p2->p_cred->p_ruid || + if (p1->p_cred->pc_ucred->cr_uid != p2->p_cred->pc_ucred->cr_uid || + p1->p_cred->pc_ucred->cr_uid != p2->p_cred->p_svuid || + p1->p_cred->pc_ucred->cr_uid != p2->p_cred->p_ruid || p2->p_flag & P_SUGID) { if ((error = suser_xxx(0, p1, PRISON_ROOT))) return (error); |