diff options
author | Ted Unangst <tedu@cvs.openbsd.org> | 2003-03-10 22:51:54 +0000 |
---|---|---|
committer | Ted Unangst <tedu@cvs.openbsd.org> | 2003-03-10 22:51:54 +0000 |
commit | eb4473cc2d721469a6a6e4c3ddfcbd7e8e7108fd (patch) | |
tree | aacf6026a04510dcb21960e7b193ed5c8017af9c /lib | |
parent | 86ca3a497853676e0b4bf089930796b5b8a17a7c (diff) |
add some notes about nosuid mounted file systems. suggested by deraadt@
ok deraadt@ millert@
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libc/sys/execve.2 | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/libc/sys/execve.2 b/lib/libc/sys/execve.2 index 86b4242f989..6e72e7711c2 100644 --- a/lib/libc/sys/execve.2 +++ b/lib/libc/sys/execve.2 @@ -1,4 +1,4 @@ -.\" $OpenBSD: execve.2,v 1.19 2002/07/16 01:41:39 deraadt Exp $ +.\" $OpenBSD: execve.2,v 1.20 2003/03/10 22:51:53 tedu Exp $ .\" $NetBSD: execve.2,v 1.9 1995/02/27 12:32:25 cgd Exp $ .\" .\" Copyright (c) 1980, 1991, 1993 @@ -157,6 +157,10 @@ the effective user ID is recorded as the saved set-user-ID, and the effective group ID is recorded as the saved set-group-ID. These values may be used in changing the effective IDs later (see .Xr setuid 2 ) . +The set-user-ID and and set-group-ID bits have no effect if the +new process image file is located on a file system mounted with +the nosuid flag. +The process will be started without the new permissions. .Pp The new process also inherits the following attributes from the calling process: |