diff options
| author | Edward Tomasz Napierala <trasz@FreeBSD.org> | 2009-05-24 19:21:49 +0000 |
|---|---|---|
| committer | Edward Tomasz Napierala <trasz@FreeBSD.org> | 2009-05-24 19:21:49 +0000 |
| commit | 4076aa37dcd44070699f3500ec446eded7ec6ebb (patch) | |
| tree | 0593958adc91c4e64f9c692141207f0abe93b5da /sys/cddl/compat | |
| parent | c1edc4480e4e9812cf2359199ba2b8ba0db38f81 (diff) | |
| download | src-4076aa37dcd44070699f3500ec446eded7ec6ebb.tar.gz src-4076aa37dcd44070699f3500ec446eded7ec6ebb.zip | |
Don't allow non-owner to set SUID bit on a file. It doesn't make
any difference now, but in NFSv4 ACLs, there is write_acl permission,
which also affects mode changes.
Reviewed by: pjd
Notes
Notes:
svn path=/head/; revision=192694
Diffstat (limited to 'sys/cddl/compat')
| -rw-r--r-- | sys/cddl/compat/opensolaris/kern/opensolaris_policy.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c b/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c index 25c736e53ddd..cedf335257d6 100644 --- a/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c +++ b/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c @@ -302,6 +302,14 @@ secpolicy_setid_setsticky_clear(struct vnode *vp, struct vattr *vap, if (error) return (error); } + /* + * Deny setting setuid if we are not the file owner. + */ + if ((vap->va_mode & S_ISUID) && ovap->va_uid != cred->cr_uid) { + error = priv_check_cred(cred, PRIV_VFS_ADMIN, 0); + if (error) + return (error); + } return (0); } |