diff options
author | Olivier Certner <olce.freebsd@certner.fr> | 2023-05-30 16:35:08 +0000 |
---|---|---|
committer | Ed Maste <emaste@FreeBSD.org> | 2023-10-10 01:47:10 +0000 |
commit | 892654fe9b5a9115815c30a423b8db47185aebbd (patch) | |
tree | 5f9df0fd46526eb8782428cf5420ef54df3e9940 | |
parent | 6e92fc930943a85f311e986a02e2b3dae9e37126 (diff) | |
download | src-892654fe9b5a9115815c30a423b8db47185aebbd.tar.gz src-892654fe9b5a9115815c30a423b8db47185aebbd.zip |
setusercontext(): Apply personal settings only on matching effective UID
Commit 35305a8dc114 (r211393) added a check on whether 'uid' was equal
to getuid() before calling setlogincontext(). Doing so still allows
a setuid program to apply resource limits and priorities specified in
a user-controlled configuration file ('~/.login_conf') where
a non-setuid program could not. Plug the hole by checking instead that
the process' effective UID is the target one (which is likely what was
meant in the initial commit).
PR: 271750
Reviewed by: kib, des
MFC after: 2 weeks
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40351
-rw-r--r-- | lib/libutil/login_class.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/libutil/login_class.c b/lib/libutil/login_class.c index 90a3ec5d106a..1036e9f9208c 100644 --- a/lib/libutil/login_class.c +++ b/lib/libutil/login_class.c @@ -546,7 +546,7 @@ setusercontext(login_cap_t *lc, const struct passwd *pwd, uid_t uid, unsigned in /* * Now, we repeat some of the above for the user's private entries */ - if (getuid() == uid && (lc = login_getuserclass(pwd)) != NULL) { + if (geteuid() == uid && (lc = login_getuserclass(pwd)) != NULL) { mymask = setlogincontext(lc, pwd, mymask, flags); login_close(lc); } |