Don't call suser_cred() directly from linux_sethostname(), as it just
wraps userland_sysctl(), which performs necessary privilege checks as part of its normal operation. MFC after: 1 week
This commit is contained in:
parent
fd4a6d10a4
commit
3e8df637c0
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=161610
@ -1459,12 +1459,9 @@ int
|
||||
linux_sethostname(struct thread *td, struct linux_sethostname_args *args)
|
||||
{
|
||||
int name[2];
|
||||
int error;
|
||||
|
||||
name[0] = CTL_KERN;
|
||||
name[1] = KERN_HOSTNAME;
|
||||
if ((error = suser_cred(td->td_ucred, SUSER_ALLOWJAIL)))
|
||||
return (error);
|
||||
return (userland_sysctl(td, name, 2, 0, 0, 0, args->hostname,
|
||||
args->len, 0, 0));
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user