diff options
author | Thorsten Lockert <tholo@cvs.openbsd.org> | 1996-10-20 07:37:23 +0000 |
---|---|---|
committer | Thorsten Lockert <tholo@cvs.openbsd.org> | 1996-10-20 07:37:23 +0000 |
commit | 75d897a28c3d903af664acfcfd7cb28a499cb2a7 (patch) | |
tree | 8c5bf5f71d4901ed7b66a281f1738719649845c4 | |
parent | 9135101720841418961ada228d7b139f4365578e (diff) |
Further limit the cases where we write core files
-rw-r--r-- | sys/kern/kern_sig.c | 40 |
1 files changed, 34 insertions, 6 deletions
diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c index 349ef5f883a..1c1d04b3b92 100644 --- a/sys/kern/kern_sig.c +++ b/sys/kern/kern_sig.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_sig.c,v 1.7 1996/10/18 06:08:40 tholo Exp $ */ +/* $OpenBSD: kern_sig.c,v 1.8 1996/10/20 07:37:22 tholo Exp $ */ /* $NetBSD: kern_sig.c,v 1.54 1996/04/22 01:38:32 christos Exp $ */ /* @@ -1046,13 +1046,15 @@ coredump(p) register struct proc *p; { register struct vnode *vp; - register struct ucred *cred = p->p_cred->pc_ucred; + register struct ucred *cred = p->p_ucred; register struct vmspace *vm = p->p_vmspace; struct nameidata nd; struct vattr vattr; int error, error1; char name[MAXCOMLEN+6]; /* progname.core */ struct core core; + uid_t uid; + gid_t gid; /* * Don't dump if not root and the process has used set user or @@ -1065,18 +1067,44 @@ coredump(p) /* Don't dump if will exceed file size limit. */ if (USPACE + ctob(vm->vm_dsize + vm->vm_ssize) >= p->p_rlimit[RLIMIT_CORE].rlim_cur) - return (EFAULT); + return (EFBIG); sprintf(name, "%s.core", p->p_comm); - NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, name, p); - if ((error = vn_open(&nd, O_CREAT | FWRITE, S_IRUSR | S_IWUSR)) != 0) + + /* + * Verify that EUID can write a core file... + */ + uid = cred->cr_uid; + gid = cred->cr_gid; + cred->cr_uid = p->p_cred->p_ruid; + cred->cr_gid = p->p_cred->p_rgid; + NDINIT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF, UIO_SYSSPACE, name, p); + if ((error = namei(&nd)) != 0) { + cred->cr_uid = uid; + cred->cr_gid = gid; + return (error); + } + vp = nd.ni_vp; + if ((error = vn_writechk(vp)) == 0) + error = VOP_ACCESS(vp, VWRITE, cred, p); + vput(vp); + cred->cr_uid = uid; + cred->cr_gid = gid; + if (error) return (error); /* - * Change euid to uid for coredump output + * ... but actually write it as UID */ cred = crdup(cred); cred->cr_uid = p->p_cred->p_ruid; + cred->cr_gid = p->p_cred->p_rgid; + + NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, name, p); + if ((error = vn_open(&nd, O_CREAT | FWRITE, S_IRUSR | S_IWUSR)) != 0) { + crfree(cred); + return (error); + } /* * Don't dump to non-regular files, files with links, or files |