From 1e4adb28c7659158df5dd9c99480275327d532a3 Mon Sep 17 00:00:00 2001
From: Constantine Sapuntzakis
Date: Fri, 9 Jan 1998 16:33:50 +0000
Subject: Get rid of dumping across symlinks. Races can cause this to be problematic from a security standpoint (i.e. arbitrary files on the FS can be wiped out).
---
 sys/kern/kern_sig.c | 9 ++++++---
 sys/kern/vfs_vnops.c | 12 ++++++++++--
 2 files changed, 16 insertions(+), 5 deletions(-)
(limited to 'sys/kern')
diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c
index 70167fc076a..d8708bf31c0 100644
--- a/sys/kern/kern_sig.c
+++ b/sys/kern/kern_sig.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_sig.c,v 1.23 1997/12/08 21:25:36 deraadt Exp $ */
+/* $OpenBSD: kern_sig.c,v 1.24 1998/01/09 16:33:48 csapuntz Exp $ */
 /* $NetBSD: kern_sig.c,v 1.54 1996/04/22 01:38:32 christos Exp $ */
 /*
@@ -1103,7 +1103,7 @@ sigexit(p, signum)
 /* NOTREACHED */
 }
-int nosuidcoredump = 1;
+int nosuidcoredump = 0;
 /*
 * Dump core, into a file named "progname.core", unless the process was
@@ -1146,7 +1146,10 @@ coredump(p)
 sprintf(name, "%s.core", p->p_comm);
 NDINIT(&nd, LOOKUP, NOFOLLOW, UIO_SYSSPACE, name, p);
- if ((error = vn_open(&nd, O_CREAT | FWRITE, S_IRUSR | S_IWUSR)) != 0) {
+
+ error = vn_open(&nd, O_CREAT | FWRITE | FNOSYMLINK, S_IRUSR | S_IWUSR);
+
+ if (error) {
 crfree(cred);
 return (error);
 }
diff --git a/sys/kern/vfs_vnops.c b/sys/kern/vfs_vnops.c
index 401e95a7375..9e6acaa698c 100644
--- a/sys/kern/vfs_vnops.c
+++ b/sys/kern/vfs_vnops.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: vfs_vnops.c,v 1.13 1997/12/10 19:44:09 deraadt Exp $ */
+/* $OpenBSD: vfs_vnops.c,v 1.14 1998/01/09 16:33:49 csapuntz Exp $ */
 /* $NetBSD: vfs_vnops.c,v 1.20 1996/02/04 02:18:41 christos Exp $ */
 /*
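Review bot: The default flip to `int nosuidcoredump = 0;` in the `@@ -1103,7` hunk of kern_sig.c is security-relevant on its own, yet the commit message does not mention it. Going by the name, a value of 0 presumably lets set-id processes dump core again, and such an image can hold privileged memory; the code that reads the variable is outside the hunk, so this needs confirming. If the change is intended because the symlink race is now closed, record that above the variable, e.g. `/* non-zero: set-id processes do not dump core; default is 0 now that coredump() opens with FNOSYMLINK */`. If it is not intended, keep the default at 1.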
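Review bot: The new `vn_open(&nd, O_CREAT | FWRITE | FNOSYMLINK, ...)` call in coredump() needs a comment saying why the flag is required when `NDINIT` already passes `NOFOLLOW`. The vfs_vnops.c hunk shows vn_open() overwriting `cn_flags` on the `O_CREAT` path and adding `FOLLOW` unless `O_EXCL` or `FNOSYMLINK` is set, so `NOFOLLOW` alone has no effect here. A line such as `/* vn_open() resets cn_flags for O_CREAT; FNOSYMLINK keeps it from following a symlink at name */` above the call would stop a later cleanup from dropping the flag. The flag only addresses a symbolic link as the final component; whether an existing hard link or non-regular file at that name is rejected depends on checks after the open, which are outside the hunk.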
@@ -81,10 +81,12 @@ vn_open(ndp, fmode, cmode)
 if (fmode & O_CREAT) {
 ndp->ni_cnd.cn_nameiop = CREATE;
 ndp->ni_cnd.cn_flags = LOCKPARENT | LOCKLEAF;
- if ((fmode & O_EXCL) == 0)
+ if (((fmode & O_EXCL) == 0) &&
+ ((fmode & FNOSYMLINK) == 0))
 ndp->ni_cnd.cn_flags |= FOLLOW;
 if ((error = namei(ndp)) != 0)
 return (error);
+
 if (ndp->ni_vp == NULL) {
 VATTR_NULL(&va);
 va.va_type = VREG;
@@ -108,6 +110,12 @@ vn_open(ndp, fmode, cmode)
 error = EEXIST;
 goto bad;
 }
+ if ((ndp->ni_vp->v_type == VLNK) &
+ ((fmode & FNOSYMLINK) != 0)) {
+ error = EFTYPE;
+ goto bad;
+ }
+
 fmode &= ~O_CREAT;
 }
 } else {
-- 
cgit v1.2.3
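Review bot: `FNOSYMLINK` is honoured only inside the `if (fmode & O_CREAT)` branch that the `@@ -81,10` hunk and the following one touch. The `} else {` branch of vn_open() begins at the end of the next hunk and its body is not shown, so a caller passing the flag without `O_CREAT` may still have the link followed. Either handle the flag on that path too, or document the restriction where the flag is defined, e.g. `/* FNOSYMLINK: honoured by vn_open() only together with O_CREAT */`. As a style point, the two-line condition can be a single mask test: `if ((fmode & (O_EXCL | FNOSYMLINK)) == 0)`.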
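Review bot: The new check `if ((ndp->ni_vp->v_type == VLNK) & ((fmode & FNOSYMLINK) != 0))` in the `@@ -108,6` hunk joins its two tests with bitwise `&` where logical `&&` is meant. Both operands are comparison results (0 or 1), so the outcome is the same today, but the form breaks silently if either side is later reduced to a plain mask test. Write it as `if ((fmode & FNOSYMLINK) && ndp->ni_vp->v_type == VLNK) {`. The enclosing `if`/`else` of vn_open() starts and ends outside the hunk.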