diff options
| author | Philip Guenthe <guenther@cvs.openbsd.org> | 2009-06-02 11:04:56 +0000 |
|---|---|---|
| committer | Philip Guenthe <guenther@cvs.openbsd.org> | 2009-06-02 11:04:56 +0000 |
| commit | f01492784049d31b694caa93d8f283626ab12430 (patch) | |
| tree | 95926f88484fc6b429b06b1e9517a08dff0e8696 /sys | |
| parent | 8583ae425d6ba74ac8ee1e1237024a6e08854bef (diff) | |
A process should always be able to attach kevent filters to its own
threads, even when it has changed uid or gid in the past. As is, a
P_SUGID process using rthreads leaks the stack on thread exit.
requested and approved by tedu@ a while ago
Diffstat (limited to 'sys')
| -rw-r--r-- | sys/kern/kern_event.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/sys/kern/kern_event.c b/sys/kern/kern_event.c index dce96e93300..4295a8cda84 100644 --- a/sys/kern/kern_event.c +++ b/sys/kern/kern_event.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_event.c,v 1.33 2008/05/06 20:57:19 thib Exp $ */ +/* $OpenBSD: kern_event.c,v 1.34 2009/06/02 11:04:55 guenther Exp $ */ /*- * Copyright (c) 1999,2000,2001 Jonathan Lemon <jlemon@FreeBSD.org> @@ -201,7 +201,8 @@ filt_procattach(struct knote *kn) * Fail if it's not owned by you, or the last exec gave us * setuid/setgid privs (unless you're root). */ - if ((p->p_cred->p_ruid != curproc->p_cred->p_ruid || + if (p->p_p != curproc->p_p && + (p->p_cred->p_ruid != curproc->p_cred->p_ruid || (p->p_flag & P_SUGID)) && suser(curproc, 0) != 0) return (EACCES); |