coredump: avoid writing to core files not owned by the real user.
Reported by: blake frantz <trew@hick.org> PR: 68905 admbugs: 358 Sponsored by: The FreeBSD Foundation MFC after: 1 week
This commit is contained in:
parent
ac6a9e474f
commit
7a29e0bf96
@ -3597,10 +3597,11 @@ coredump(struct thread *td)
|
||||
|
||||
/*
|
||||
* Don't dump to non-regular files or files with links.
|
||||
* Do not dump into system files.
|
||||
* Do not dump into system files. Real user must own the corefile.
|
||||
*/
|
||||
if (vp->v_type != VREG || VOP_GETATTR(vp, &vattr, cred) != 0 ||
|
||||
vattr.va_nlink != 1 || (vp->v_vflag & VV_SYSTEM) != 0) {
|
||||
vattr.va_nlink != 1 || (vp->v_vflag & VV_SYSTEM) != 0 ||
|
||||
vattr.va_uid != cred->cr_ruid) {
|
||||
VOP_UNLOCK(vp, 0);
|
||||
error = EFAULT;
|
||||
goto out;
|
||||
|
Loading…
Reference in New Issue
Block a user