Move setugid() a little sooner to before we release tracing in case

crdup() or change_e*id() block on malloc() or mutex.
svn path=/head/; revision=78371
2001-06-16 23:34:23 +00:00 · 2001-06-16 23:34:23 +00:00 · b85db19691 · 2020-12-20 02:59:44 +00:00
commit b85db19691
parent 8d3428c0b4
1 changed files with 3 additions and 2 deletions
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@ -298,8 +298,10 @@ execve(p, uap)
 		PROC_UNLOCK(p);
 		/*
 		 * Turn off syscall tracing for set-id programs, except for
-		 * root.
+		 * root.  Record any set-id flags first to make sure that
+		 * we do not regain any tracing during a possible block.
 		 */
+		setsugid(p);
 		if (p->p_tracep && suser_xxx(oldcred, NULL, PRISON_ROOT)) {
 			p->p_traceflag = 0;
 			vrele(p->p_tracep);
@ -313,7 +315,6 @@ execve(p, uap)
 			change_euid(newcred, attr.va_uid);
 		if (attr.va_mode & VSGID)
 			change_egid(newcred, attr.va_gid);
-		setsugid(p);
 		setugidsafety(p);
 	} else {
 		if (oldcred->cr_uid == oldcred->cr_ruid &&