diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 1997-10-17 04:41:11 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 1997-10-17 04:41:11 +0000 |
| commit | d20defb6bf3dd18b30baa1c40926cdac5ba184eb (patch) | |
| tree | b2f12ea049c3b20895c93303305d39ab734d9d28 /sys | |
| parent | 537a5e2c8a6843c2f5fb96ed7bfabe09797cd8ae (diff) | |
Don't allow root to set the clock back in time if securelevel > 1. This
got nuked when settime() was added.
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/kern/kern_time.c | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/sys/kern/kern_time.c b/sys/kern/kern_time.c index e3d1dc45a0b..6745f6b63b9 100644 --- a/sys/kern/kern_time.c +++ b/sys/kern/kern_time.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_time.c,v 1.9 1997/04/28 01:33:47 niklas Exp $ */ +/* $OpenBSD: kern_time.c,v 1.10 1997/10/17 04:41:10 millert Exp $ */ /* $NetBSD: kern_time.c,v 1.20 1996/02/18 11:57:06 fvdl Exp $ */ /* @@ -141,9 +141,18 @@ sys_clock_settime(p, v, retval) return (error); TIMESPEC_TO_TIMEVAL(&atv,&ats); + + /* + * If the system is secure, we do not allow the time to be + * set to an earlier value (it may be slowed using adjtime, + * but not set back). This feature prevent interlopers from + * setting arbitrary time stamps on files. + */ + if (securelevel > 1 && timercmp(&atv, &time, <)) + return (EPERM); settime(&atv); - return 0; + return (0); } int @@ -287,8 +296,17 @@ sys_settimeofday(p, v, retval) if (SCARG(uap, tzp) && (error = copyin((void *)SCARG(uap, tzp), (void *)&atz, sizeof(atz)))) return (error); - if (SCARG(uap, tv)) + if (SCARG(uap, tv)) { + /* + * If the system is secure, we do not allow the time to be + * set to an earlier value (it may be slowed using adjtime, + * but not set back). This feature prevent interlopers from + * setting arbitrary time stamps on files. + */ + if (securelevel > 1 && timercmp(&atv, &time, <)) + return (EPERM); settime(&atv); + } if (SCARG(uap, tzp)) tz = atz; return (0); |