summaryrefslogtreecommitdiff
path: root/sys/kern
diff options
context:
space:
mode:
authorSebastien Marie <semarie@cvs.openbsd.org>2015-12-16 15:52:52 +0000
committerSebastien Marie <semarie@cvs.openbsd.org>2015-12-16 15:52:52 +0000
commit657eb6c59bbc0fb9e5a0d98b85723e13db808e44 (patch)
tree2b09bc58d3de78d8f0d37c9d6f7215b0fccfbb6c /sys/kern
parentc67bff6d2121c5d0885a029c6a4a37d7a17034c1 (diff)
in pledged process, setuid/setgid/sticky bits should be ignored.
enforce it for open(2) when used with O_CREAT and mode. ok deraadt@
Diffstat (limited to 'sys/kern')
-rw-r--r--sys/kern/vfs_syscalls.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c
index 017ecd2ac88..3e356990aa9 100644
--- a/sys/kern/vfs_syscalls.c
+++ b/sys/kern/vfs_syscalls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: vfs_syscalls.c,v 1.248 2015/12/16 08:27:32 semarie Exp $ */
+/* $OpenBSD: vfs_syscalls.c,v 1.249 2015/12/16 15:52:51 semarie Exp $ */
/* $NetBSD: vfs_syscalls.c,v 1.71 1996/04/23 10:29:02 mycroft Exp $ */
/*
@@ -871,6 +871,8 @@ doopenat(struct proc *p, int fd, const char *path, int oflags, mode_t mode,
fdp->fd_ofileflags[indx] |= UF_EXCLOSE;
cmode = ((mode &~ fdp->fd_cmask) & ALLPERMS) &~ S_ISTXT;
+ if ((p->p_p->ps_flags & PS_PLEDGE))
+ cmode &= ACCESSPERMS;
NDINITAT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, fd, path, p);
nd.ni_pledge = ni_pledge;
p->p_dupfd = -1; /* XXX check for fdopen */
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-23 09:00:21 +0000