revoke privs before opening kvm if user has specified mem/kernel paths

1 files changed, 8 insertions, 1 deletions

diff --git a/sbin/ccdconfig/ccdconfig.c b/sbin/ccdconfig/ccdconfig.c
index 1fbc6b79150..a1d4eca88fa 100644
--- a/sbin/ccdconfig/ccdconfig.c
+++ b/sbin/ccdconfig/ccdconfig.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ccdconfig.c,v 1.4 1996/05/22 11:34:48 deraadt Exp $	*/
+/*	$OpenBSD: ccdconfig.c,v 1.5 1996/05/30 09:11:20 deraadt Exp $	*/
 /*	$NetBSD: ccdconfig.c,v 1.6 1996/05/16 07:11:18 thorpej Exp $	*/
 
 /*-
@@ -164,6 +164,13 @@ main(argc, argv)
 	if (options > 1)
 		usage();
 
+	/*
+	 * Discard setgid privileges if not the running kernel so that bad
+	 * guys can't print interesting stuff from kernel memory.
+	 */
+	if (core != NULL || kernel != NULL)
+		setgid(getgid());
+
 	switch (action) {
 		case CCD_CONFIG:
 		case CCD_UNCONFIG: