diff options
author | Brian Feldman <green@FreeBSD.org> | 2000-08-16 23:28:54 +0000 |
---|---|---|
committer | Brian Feldman <green@FreeBSD.org> | 2000-08-16 23:28:54 +0000 |
commit | 9b969686239dd40658da36fc1b881ebaad65d731 (patch) | |
tree | c873902eedf8a5ebd0c07a7f0e1a8a989124ef8c /sys/kern/kern_resource.c | |
parent | bc19d0871a2016be73f5569ec4fbdd648bb55ee7 (diff) | |
download | src-9b969686239dd40658da36fc1b881ebaad65d731.tar.gz src-9b969686239dd40658da36fc1b881ebaad65d731.zip |
Fix a couple cases where p_trespass wasn't transitioned into place.
Make RTP_SET (rtprio) only accessible to real root, not root in jails.
Notes
Notes:
svn path=/head/; revision=64736
Diffstat (limited to 'sys/kern/kern_resource.c')
-rw-r--r-- | sys/kern/kern_resource.c | 12 |
1 files changed, 3 insertions, 9 deletions
diff --git a/sys/kern/kern_resource.c b/sys/kern/kern_resource.c index ed91c2737456..ce09cad59ad2 100644 --- a/sys/kern/kern_resource.c +++ b/sys/kern/kern_resource.c @@ -197,11 +197,8 @@ donice(curp, chgp, n) register struct proc *curp, *chgp; register int n; { - register struct pcred *pcred = curp->p_cred; - if (pcred->pc_ucred->cr_uid && pcred->p_ruid && - pcred->pc_ucred->cr_uid != chgp->p_ucred->cr_uid && - pcred->p_ruid != chgp->p_ucred->cr_uid) + if (p_trespass(curp, chgp) != 0) return (EPERM); if (n > PRIO_MAX) n = PRIO_MAX; @@ -234,7 +231,6 @@ rtprio(curp, uap) register struct rtprio_args *uap; { register struct proc *p; - register struct pcred *pcred = curp->p_cred; struct rtprio rtp; int error; @@ -254,12 +250,10 @@ rtprio(curp, uap) case RTP_LOOKUP: return (copyout(&p->p_rtprio, uap->rtp, sizeof(struct rtprio))); case RTP_SET: - if (pcred->pc_ucred->cr_uid && pcred->p_ruid && - pcred->pc_ucred->cr_uid != p->p_ucred->cr_uid && - pcred->p_ruid != p->p_ucred->cr_uid) + if (p_trespass(curp, p) != 0) return (EPERM); /* disallow setting rtprio in most cases if not superuser */ - if (suser(curp)) { + if (suser_xxx(NULL, curp, PRISON_ROOT) != 0) { /* can't set someone else's */ if (uap->pid) return (EPERM); |