authorColin Percival <cperciva@FreeBSD.org>2005-05-06 02:34:01 +0000
committerColin Percival <cperciva@FreeBSD.org>2005-05-06 02:34:01 +0000
commite0b13f513277ce4d0fe927cfc88835670f24a08e (patch)
tree514203bc0d467313097a121721694176afc651ab
parentb02227bd7cbd7e1bae28bc7ceb35c2fe911b8659 (diff)
Correct improper permissions on /dev/iir. The earlier permissions
of 0644 allowed for people to do Evil Things via ioctl(2).

Security: FreeBSD-SA-05:06.iir
Approved by: so (cperciva)
Notes
Notes: svn path=/releng/4.11/; revision=145948
-rw-r--r--UPDATING3
-rw-r--r--sys/conf/newvers.sh2
-rw-r--r--sys/dev/iir/iir_ctrl.c4
3 files changed, 6 insertions, 3 deletions
diff --git a/UPDATING b/UPDATING
index 3948924e2738..28b508134c81 100644
--- a/UPDATING
+++ b/UPDATING
@@ -17,6 +17,9 @@ minimal number of processes, if possible, for that patch. For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.
+20050506: p5 FreeBSD-SA-05:06.iir
+ Correct overly liberal permissions on /dev/iir.
+
20050422: p4 FreeBSD-SA-05:05.cvs
Correct several vulnerabilities in CVS.
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index d899b9ff6273..7b080f1cbf5f 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -36,7 +36,7 @@
TYPE="FreeBSD"
REVISION="4.11"
-BRANCH="RELEASE-p4"
+BRANCH="RELEASE-p5"
RELEASE="${REVISION}-${BRANCH}"
VERSION="${TYPE} ${RELEASE}"
diff --git a/sys/dev/iir/iir_ctrl.c b/sys/dev/iir/iir_ctrl.c
index 30c2ed6a6e75..91f97b07b1a0 100644
--- a/sys/dev/iir/iir_ctrl.c
+++ b/sys/dev/iir/iir_ctrl.c
@@ -104,12 +104,12 @@ gdt_make_dev(int unit)
#ifdef SDEV_PER_HBA
dev = make_dev(&iir_cdevsw, hba2minor(unit), UID_ROOT, GID_OPERATOR,
- S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH, "iir%d", unit);
+ S_IRUSR | S_IWUSR, "iir%d", unit);
#else
if (sdev_made)
return (0);
dev = make_dev(&iir_cdevsw, 0, UID_ROOT, GID_OPERATOR,
- S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH, "iir");
+ S_IRUSR | S_IWUSR, "iir");
sdev_made = 1;
#endif
return (dev);
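Review bot: Both make_dev() calls still pass `GID_OPERATOR` although the new mode `S_IRUSR | S_IWUSR` gives the group no access, so the group argument now reads as if operator access were intended. Nothing at either call site records why the node must stay root-only, which makes it easy for a later change to widen the mode again; I would add a comment above the `#ifdef`, e.g. `/* Root-only: ioctl(2) on this node is privileged, see FreeBSD-SA-05:06.iir. */`. The mode is also spelled out twice, once per `SDEV_PER_HBA` branch, so a shared constant would keep the two in step. The ioctl handler is not visible in this hunk; if it has no privilege check of its own, the node mode is the only barrier and deserves that comment. gdt_make_dev() starts and ends outside the hunk.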