d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Slight restructuring of the logic for credential change case identification

Browse Source 
during execve() to use a 'credential_changing' variable.  This makes it
easier to have outstanding patchsets against this code, as well as to
add conditionally defined clauses.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
This commit is contained in:
Robert Watson 2002-07-27 18:06:49 +00:00
parent ce39e722ec
commit d06c0d4d40
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=100759
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
sys/kern/kern_exec.c
View File

@ -145,6 +145,7 @@ execve(td, uap)
struct vnode *tracevp = NULL;
#endif
struct vnode *textvp = NULL;
int credential_changing;
imgp = &image_params;
@ -378,8 +379,13 @@ execve(td, uap)
* the process is being traced.
*/
oldcred = p->p_ucred;
if ((((attr.va_mode & VSUID) && oldcred->cr_uid != attr.va_uid) ||
((attr.va_mode & VSGID) && oldcred->cr_gid != attr.va_gid)) &&
credential_changing = 0;
credential_changing |= (attr.va_mode & VSUID) && oldcred->cr_uid !=
attr.va_uid;
credential_changing |= (attr.va_mode & VSGID) && oldcred->cr_gid !=
attr.va_gid;
if (credential_changing &&
(imgp->vp->v_mount->mnt_flag & MNT_NOSUID) == 0 &&
(p->p_flag & P_TRACED) == 0) {
/*