Diffstat (limited to 'sys')
-rw-r--r-- | sys/kern/kern_prot.c | 33 | ||||
-rw-r--r-- | sys/sys/unistd.h | 10 |
2 files changed, 25 insertions, 18 deletions
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index f957ecbccb3..fe386801da0 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_prot.c,v 1.2 1996/03/03 17:19:52 niklas Exp $ */
+/* $OpenBSD: kern_prot.c,v 1.3 1996/08/01 05:26:02 tholo Exp $ */
 /* $NetBSD: kern_prot.c,v 1.33 1996/02/09 18:59:42 christos Exp $ */
 /*
@@ -275,19 +275,29 @@ sys_setuid(p, v, retval)
 uid = SCARG(uap, uid);
 #endif
 if (uid != pc->p_ruid &&
+ uid != pc->pc_ucred->cr_uid &&
 (error = suser(pc->pc_ucred, &p->p_acflag)))
 return (error);
 /*
 * Everything's okay, do it.
- * Transfer proc count to new user.
+ */
+ if (uid == pc->pc_ucred->cr_uid ||
+ suser(pc->pc_ucred, &p->p_acflag) == 0) {
+ /*
+ * Transfer proc count to new user.
+ */
+ if (uid != pc->p_ruid) {
+ (void)chgproccnt(pc->p_ruid, -1);
+ (void)chgproccnt(uid, 1);
+ }
+ pc->p_ruid = uid;
+ pc->p_svuid = uid;
+ }
+ /*
 * Copy credentials so other references do not see our changes.
 */
- (void)chgproccnt(pc->p_ruid, -1);
- (void)chgproccnt(uid, 1);
 pc->pc_ucred = crcopy(pc->pc_ucred);
 pc->pc_ucred->cr_uid = uid;
- pc->p_ruid = uid;
- pc->p_svuid = uid;
 p->p_flag |= P_SUGID;
 return (0);
 }
@@ -343,12 +353,17 @@ sys_setgid(p, v, retval)
 #else
 gid = SCARG(uap, gid);
 #endif
- if (gid != pc->p_rgid && (error = suser(pc->pc_ucred, &p->p_acflag)))
+ if (gid != pc->p_rgid &&
+ gid != pc->pc_ucred->cr_gid &&
+ (error = suser(pc->pc_ucred, &p->p_acflag)))
 return (error);
+ if (gid == pc->pc_ucred->cr_gid ||
+ suser(pc->pc_ucred, &p->p_acflag) == 0) {
+ pc->p_rgid = gid;
+ pc->p_svgid = gid;
+ }
 pc->pc_ucred = crcopy(pc->pc_ucred);
 pc->pc_ucred->cr_gid = gid;
- pc->p_rgid = gid;
- pc->p_svgid = gid; /* ??? */
 p->p_flag |= P_SUGID;
 return (0);
 }
diff --git a/sys/sys/unistd.h b/sys/sys/unistd.h
index ec861cea36d..2a58fdf7f49 100644
--- a/sys/sys/unistd.h
+++ b/sys/sys/unistd.h
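Review bot: In the sys_setuid hunk, the new inner test `if (uid == pc->pc_ucred->cr_uid || suser(pc->pc_ucred, &p->p_acflag) == 0)` means an unprivileged caller passing its real uid no longer has p_ruid/p_svuid rewritten. Only cr_uid changes, so the saved uid survives and the call is no longer the full reset that the removed unconditional assignments performed. That change in privilege-drop semantics deserves a comment at the branch, e.g. `/* Unprivileged and uid != effective uid: only cr_uid is set below; p_ruid and p_svuid are kept. */`, and the same applies to the gid branch in the sys_setgid hunk. suser() is also evaluated a second time with `&p->p_acflag` purely for its result; computing the privilege result once and reusing it would avoid any repeated side effect on the accounting flag (suser's body is not visible here, so that side effect is an assumption). Both function bodies start outside their hunks.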
@@ -1,4 +1,4 @@
-/* $OpenBSD: unistd.h,v 1.2 1996/03/03 12:12:40 niklas Exp $ */
+/* $OpenBSD: unistd.h,v 1.3 1996/08/01 05:26:03 tholo Exp $ */
 /* $NetBSD: unistd.h,v 1.10 1994/06/29 06:46:06 cgd Exp $ */
 /*
@@ -42,15 +42,7 @@
 /* compile-time symbolic constants */
 #define _POSIX_JOB_CONTROL /* implementation supports job control */
-/*
- * Although we have saved user/group IDs, we do not use them in setuid
- * as described in POSIX 1003.1, because the feature does not work for
- * root. We use the saved IDs in seteuid/setegid, which are not currently
- * part of the POSIX 1003.1 specification.
- */
-#ifdef _NOT_AVAILABLE
 #define _POSIX_SAVED_IDS /* saved set-user-ID and set-group-ID */
-#endif
 #define _POSIX_VERSION 198808L
 #define _POSIX2_VERSION 199212L |
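Review bot: Defining `_POSIX_SAVED_IDS` unconditionally advertises POSIX saved-ID behaviour, but the permission test this commit adds to sys_setuid/sys_setgid in sys/kern/kern_prot.c compares the argument with p_ruid/p_rgid and the effective ID only, never with p_svuid/p_svgid. If that is intended, the removed comment block should be replaced rather than dropped, e.g. `/* setuid()/setgid() accept the real or effective ID without privilege; the saved ID is kept unless the caller is privileged or passes its effective ID. */`. Programs that key their privilege-dropping logic off this macro otherwise have no statement here of what the kernel actually does with the saved IDs.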