On execing a sgid program, do not set P_SUGID when cr_gid and cr)_uid

do not change. PR: 4755 Reviewed by: Bruce Evans
1997-10-15 18:28:34 +00:00 · 1997-10-15 18:28:34 +00:00 · 9bb743990a
commit 9bb743990a
parent fe54436c76
1 changed files with 4 additions and 3 deletions
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@ -23,7 +23,7 @@
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
- *	$Id: kern_exec.c,v 1.65 1997/09/02 20:05:38 bde Exp $
+ *	$Id: kern_exec.c,v 1.66 1997/09/21 04:22:50 dyson Exp $
 */

 #include <sys/param.h>
@ -293,7 +293,8 @@ execve(p, uap, retval)
 	 * Don't honor setuid/setgid if the filesystem prohibits it or if
 	 * the process is being traced.
 	 */
-	if ((attr.va_mode & (VSUID | VSGID)) &&
+	if ((attr.va_mode & VSUID && p->p_ucred->cr_uid != attr.va_uid ||
+	     attr.va_mode & VSGID && p->p_ucred->cr_gid != attr.va_gid) &&
 	    (imgp->vp->v_mount->mnt_flag & MNT_NOSUID) == 0 &&
 	    (p->p_flag & P_TRACED) == 0) {
 		/*
@ -312,7 +313,7 @@ execve(p, uap, retval)
 		if (attr.va_mode & VSUID)
 			p->p_ucred->cr_uid = attr.va_uid;
 		if (attr.va_mode & VSGID)
-			p->p_ucred->cr_groups[0] = attr.va_gid;
+			p->p_ucred->cr_gid = attr.va_gid;
 		p->p_flag |= P_SUGID;
 	} else {
 	        if (p->p_ucred->cr_uid == p->p_cred->p_ruid &&