only allow setuid if fd_refcnt == 1, due to rfork

2 files changed, 4 insertions, 5 deletions

diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c
index afef8c589d9..4dfb48a0e9c 100644
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_exec.c,v 1.11 1997/06/05 08:05:54 deraadt Exp $	*/
+/*	$OpenBSD: kern_exec.c,v 1.12 1997/08/01 22:54:50 deraadt Exp $	*/
 /*	$NetBSD: kern_exec.c,v 1.75 1996/02/09 18:59:28 christos Exp $	*/
 
 /*-
@@ -124,7 +124,8 @@ check_exec(p, epp)
 		error = EACCES;
 		goto bad1;
 	}
-	if ((vp->v_mount->mnt_flag & MNT_NOSUID) || (p->p_flag & P_TRACED))
+	if ((vp->v_mount->mnt_flag & MNT_NOSUID) ||
+	    (p->p_flag & P_TRACED) || p->p_fd->fd_refcnt > 1)
 		epp->ep_vap->va_mode &= ~(VSUID | VSGID);
 
 	/* check access.  for root we have to see if any exec bit on */
diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c
index f87e27995c7..c0b75327368 100644
--- a/sys/kern/kern_fork.c
+++ b/sys/kern/kern_fork.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_fork.c,v 1.10 1997/08/01 21:59:13 deraadt Exp $	*/
+/*	$OpenBSD: kern_fork.c,v 1.11 1997/08/01 22:54:49 deraadt Exp $	*/
 /*	$NetBSD: kern_fork.c,v 1.29 1996/02/09 18:59:34 christos Exp $	*/
 
 /*
@@ -130,8 +130,6 @@ fork1(p1, forktype, rforkflags, retval)
 			return (EINVAL);	/* XXX unimplimented */
 		if (rforkflags & RFCFDG)
 			cleanfd = 1;
-		if (dupfd == 0)
-			return (EPERM);
 	}
 
 	/*