Pass P_SUGID on to the child of a fork(). It was possible to get rlogin

to coredump previously since it (somewhat uniquely) is setuid and forks without execing, and thus without passing P_SUGID the child could coredump and possibly divulge sensitive information (such as encrypted passwords from the passwd database).
1997-02-17 10:58:46 +00:00 · 1997-02-17 10:58:46 +00:00 · 70e534e78f
commit 70e534e78f
parent 2731fd39ed
1 changed files with 4 additions and 0 deletions
--- a/sys/kern/kern_fork.c
+++ b/sys/kern/kern_fork.c
@ -275,6 +275,10 @@ fork1(p1, flags, retval)
 		p2->p_limit->p_refcnt++;
 	}

+	/*
+	 * Preserve some flags in subprocess.
+	 */
+	p2->p_flag |= p1->p_flag & P_SUGID;
 	if (p1->p_session->s_ttyvp != NULL && p1->p_flag & P_CONTROLT)
 		p2->p_flag |= P_CONTROLT;
 	if (flags & RFPPWAIT)