aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPeter Wemm <peter@FreeBSD.org>2001-06-16 23:41:58 +0000
committerPeter Wemm <peter@FreeBSD.org>2001-06-16 23:41:58 +0000
commita87462cae31a4badb24f81103f97b5addfed18d0 (patch)
tree02c3e922dc585f73909fc0570665e0592c3fb8a8
parent5fc8aceac590becbc4532c3052c4d04fca2ac507 (diff)
downloadsrc-a87462cae31a4badb24f81103f97b5addfed18d0.tar.gz
src-a87462cae31a4badb24f81103f97b5addfed18d0.zip
MFC: rev 1.131: set P_SUGID before releasing ptrace and block opportunities
Notes
Notes: svn path=/stable/3/; revision=78372
-rw-r--r--sys/kern/kern_exec.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c
index cb025ef92330..e7d9df98f4a8 100644
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@@ -265,8 +265,10 @@ interpret:
(p->p_flag & P_TRACED) == 0) {
/*
* Turn off syscall tracing for set-id programs, except for
- * root.
+ * root. Record any set-id flags first to make sure that
+ * we do not regain any tracing during a possible block.
*/
+ setsugid(p);
if (p->p_tracep && suser(p->p_ucred, &p->p_acflag)) {
p->p_traceflag = 0;
vrele(p->p_tracep);
@@ -280,7 +282,6 @@ interpret:
p->p_ucred->cr_uid = attr.va_uid;
if (attr.va_mode & VSGID)
p->p_ucred->cr_gid = attr.va_gid;
- setsugid(p);
setugidsafety(p);
} else {
if (p->p_ucred->cr_uid == p->p_cred->p_ruid &&