aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorPoul-Henning Kamp <phk@FreeBSD.org>2003-01-23 21:26:47 +0000
committerPoul-Henning Kamp <phk@FreeBSD.org>2003-01-23 21:26:47 +0000
commite0c2da42ecff6f4cfa4c677fa99b3b30ff7ffe5e (patch)
tree331b77e585bc318bc854e39adcac63726c61994a /lib
parentfd045cf5661a9a5b37ab87b07c593b4d84fa7aee (diff)
downloadsrc-e0c2da42ecff6f4cfa4c677fa99b3b30ff7ffe5e.tar.gz
src-e0c2da42ecff6f4cfa4c677fa99b3b30ff7ffe5e.zip
For "sensitive" processes, we always set the 'A' flag which causes abort()
to be called on first sight of trouble. "sensitive" is somewhat arbitrarily defined as "setuid, setgid, uid == root or gid == wheel". The 'A' option carries no performance penalty. It is not possible to override this setting: fix the program instead. Absentmindedly nodded OK to by: various
Notes
Notes: svn path=/head/; revision=109754
Diffstat (limited to 'lib')
-rw-r--r--lib/libc/stdlib/malloc.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/lib/libc/stdlib/malloc.c b/lib/libc/stdlib/malloc.c
index fdcc751f3036..3cd58f75bd43 100644
--- a/lib/libc/stdlib/malloc.c
+++ b/lib/libc/stdlib/malloc.c
@@ -465,6 +465,13 @@ malloc_init ()
}
}
+ /*
+ * Sensitive processes, somewhat arbitrarily defined here as setuid,
+ * setgid, root and wheel cannot afford to have malloc mistakes.
+ */
+ if (issetugid() || getuid() == 0 || getgid() == 0)
+ malloc_abort = 1;
+
UTRACE(0, 0, 0);
/*