Upon further review, DES prefers this change over that in revision 1.13

to resolve the directory access problem for processes with P_SUGID flag set. Suggested by: des
2006-06-05 16:41:27 +00:00 · 2006-06-05 16:41:27 +00:00 · 3266c22854
commit 3266c22854
parent 1735925eeb
1 changed files with 4 additions and 6 deletions
--- a/sys/fs/procfs/procfs.c
+++ b/sys/fs/procfs/procfs.c
@ -98,12 +98,7 @@ procfs_attr(PFS_ATTR_ARGS)
 	PROC_LOCK_ASSERT(p, MA_OWNED);

 	/* XXX inefficient, split into separate functions */
-	if (p->p_flag & P_SUGID) {
-		if (pn->pn_type == pfstype_procdir)
-			vap->va_mode = 0555;
-		else
-			vap->va_mode = 0;
-	} else if (strcmp(pn->pn_name, "ctl") == 0 ||
+	if (strcmp(pn->pn_name, "ctl") == 0 ||
 	    strcmp(pn->pn_name, "note") == 0 ||
 	    strcmp(pn->pn_name, "notepg") == 0)
 		vap->va_mode = 0200;
@ -113,6 +108,9 @@ procfs_attr(PFS_ATTR_ARGS)
 	    strcmp(pn->pn_name, "fpregs") == 0)
 		vap->va_mode = 0600;

+	if ((p->p_flag & P_SUGID) && pn->pn_type != pfstype_procdir)
+		vap->va_mode = 0;
+
 	vap->va_uid = p->p_ucred->cr_uid;
 	vap->va_gid = p->p_ucred->cr_gid;