authorTrevor Johnson <trevor@FreeBSD.org>2002-07-23 05:19:46 +0000
committerTrevor Johnson <trevor@FreeBSD.org>2002-07-23 05:19:46 +0000
commitd932b6ddcd33a8f951f328723aa6258271222aa4 (patch)
treee6a73952769361b2d6270ad7d615a42761f7c6bf
parenta29ea63414f94ed7dd287bf78f5e13be7d719f7f (diff)
from RELENG_4, patch by Theo de Raadt and Darren Reed to prevent
unprivileged users from tracing a process which formerly had privileges (described in FreeBSD-SA-02:30) Approved by: security-officer
Notes
Notes: svn path=/stable/2.2/; revision=100547
-rw-r--r--sys/kern/kern_ktrace.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c
index 061ac4bc7e6b..f8264b900173 100644
--- a/sys/kern/kern_ktrace.c
+++ b/sys/kern/kern_ktrace.c
@@ -517,7 +517,8 @@ ktrcanset(callp, targetp)
target->p_ruid == target->p_svuid &&
caller->p_rgid == target->p_rgid && /* XXX */
target->p_rgid == target->p_svgid &&
- (targetp->p_traceflag & KTRFAC_ROOT) == 0) ||
+ (targetp->p_traceflag & KTRFAC_ROOT) == 0 &&
+ (targetp->p_flag & P_SUGID) == 0) ||
caller->pc_ucred->cr_uid == 0)
return (1);
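Review bot: The added `(targetp->p_flag & P_SUGID) == 0` term in ktrcanset() has no comment explaining why it is needed on top of the real/saved uid and gid comparisons above it, which at a glance look sufficient on their own. I would put a comment ahead of the condition, for example `/* P_SUGID: target changed credentials since its last exec; its ids may now match the caller's while it still holds privileged state, so only root may trace it */`. This check runs only at the point where tracing is being set; whether tracing that is already active is cleared when a target later becomes P_SUGID is not visible in this hunk and is worth confirming against the exec and set*id paths. The body of ktrcanset() starts and ends outside the hunk.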