summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>1996-07-29 14:51:42 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>1996-07-29 14:51:42 +0000
commit919f501e19cab8c39dc73f8c6eecd04a8879b30f (patch)
treeb3a0efa2ebaa63ab2fc2ad48a23a166e220756c5
parent82f44aed5ba3b5b4b55aec1b94427285cfd370cb (diff)
comment on ptrace & P_SUGID
-rw-r--r--sys/kern/sys_process.c13
1 files changed, 10 insertions, 3 deletions
diff --git a/sys/kern/sys_process.c b/sys/kern/sys_process.c
index f4a4d39cd4b..fa31c1247c4 100644
--- a/sys/kern/sys_process.c
+++ b/sys/kern/sys_process.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sys_process.c,v 1.3 1996/05/22 11:52:32 deraadt Exp $ */
+/* $OpenBSD: sys_process.c,v 1.4 1996/07/29 14:51:41 deraadt Exp $ */
/* $NetBSD: sys_process.c,v 1.55 1996/05/15 06:17:47 tls Exp $ */
/*-
@@ -124,8 +124,15 @@ sys_ptrace(p, v, retval)
return (EBUSY);
/*
- * (3) it's not owned by you, or is set-id on exec
- * (unless you're root), or...
+ * (3) it's not owned by you, or the last exec
+ * gave us setuid/setgid privs (unless
+ * you're root), or...
+ *
+ * [Note: once P_SUGID gets set in execve(), it stays
+ * set until the process does another execve(). Hence
+ * this prevents a setuid process which revokes it's
+ * special privilidges using setuid() from being
+ * traced. This is good security.]
*/
if ((t->p_cred->p_ruid != p->p_cred->p_ruid ||
ISSET(t->p_flag, P_SUGID)) &&