summaryrefslogtreecommitdiff
path: root/sys
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2023-07-02 11:16:04 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2023-07-02 11:16:04 +0000
commite92b63e235b2cf147f297acd4d587254feb41109 (patch)
tree733580ac73b2bbd41c00d8bb0f11798cf934c70e /sys
parentca1e91dc49ae28ff332b54f31934dfadd9bf3c38 (diff)
PS_CHROOT flag must also be copied when forking. This will block
a ypconnect(2) from reading inside an incorrectly configured space. ok kettenis
Diffstat (limited to 'sys')
-rw-r--r--sys/kern/kern_fork.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c
index 6c28078ebc9..97c9c4b7c5c 100644
--- a/sys/kern/kern_fork.c
+++ b/sys/kern/kern_fork.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_fork.c,v 1.247 2023/04/25 18:14:06 claudio Exp $ */
+/* $OpenBSD: kern_fork.c,v 1.248 2023/07/02 11:16:03 deraadt Exp $ */
/* $NetBSD: kern_fork.c,v 1.29 1996/02/09 18:59:34 christos Exp $ */
/*
@@ -241,7 +241,8 @@ process_new(struct proc *p, struct process *parent, int flags)
unveil_copy(parent, pr);
pr->ps_flags = parent->ps_flags &
- (PS_SUGID | PS_SUGIDEXEC | PS_PLEDGE | PS_EXECPLEDGE | PS_WXNEEDED);
+ (PS_SUGID | PS_SUGIDEXEC | PS_PLEDGE | PS_EXECPLEDGE |
+ PS_WXNEEDED | PS_CHROOT);
if (parent->ps_session->s_ttyvp != NULL)
pr->ps_flags |= parent->ps_flags & PS_CONTROLT;
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-04 07:21:05 +0000