diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 1998-06-09 17:23:05 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 1998-06-09 17:23:05 +0000 |
| commit | fdfa14ad8bca4fb34dd91060bb44972e16d6f692 (patch) | |
| tree | a4325c3889812f3796dd7835a14145354c23acdf /sys/kern | |
| parent | 0f310048ac34dc61d82e5e50e305c2e8e6bfb166 (diff) | |
if we are being ptraced, do not permit execve of an immutable binary
Diffstat (limited to 'sys/kern')
| -rw-r--r-- | sys/kern/kern_exec.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index 99966d022ba..8e198fc5105 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_exec.c,v 1.17 1998/02/20 14:45:16 niklas Exp $ */ +/* $OpenBSD: kern_exec.c,v 1.18 1998/06/09 17:23:04 deraadt Exp $ */ /* $NetBSD: kern_exec.c,v 1.75 1996/02/09 18:59:28 christos Exp $ */ /*- @@ -127,6 +127,8 @@ check_exec(p, epp) if ((vp->v_mount->mnt_flag & MNT_NOSUID) || (p->p_flag & P_TRACED) || p->p_fd->fd_refcnt > 1) epp->ep_vap->va_mode &= ~(VSUID | VSGID); + if (p->p_flag & P_TRACED && (epp->ep_vap->va_flags & IMMUTABLE)) + goto bad1; /* check access. for root we have to see if any exec bit on */ if ((error = VOP_ACCESS(vp, VEXEC, p->p_ucred, p)) != 0) |