diff options
author | Robert Watson <rwatson@FreeBSD.org> | 2003-08-04 00:31:01 +0000 |
---|---|---|
committer | Robert Watson <rwatson@FreeBSD.org> | 2003-08-04 00:31:01 +0000 |
commit | 7942b925b8537267bcaa141840f6102f5b15b4d9 (patch) | |
tree | 3a4602a25c33b98c114e6e51ecec47496f7700b5 /sys | |
parent | f19fc5d8b3a864ce0d7f9bf94a9f34872bf4e8cc (diff) | |
download | src-7942b925b8537267bcaa141840f6102f5b15b4d9.tar.gz src-7942b925b8537267bcaa141840f6102f5b15b4d9.zip |
In ufs_chmod(), use privilege only when required in the following
cases:
- Setting sticky bit on non-directory
- Setting setgid on a file with a group that isn't in the effective
or extended groups of the authorizing credential
I.e., test the requirement first, then do the privilege test,
rather than doing the privilege test regardless of the need for
privilege.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Notes
Notes:
svn path=/head/; revision=118404
Diffstat (limited to 'sys')
-rw-r--r-- | sys/ufs/ufs/ufs_vnops.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/sys/ufs/ufs/ufs_vnops.c b/sys/ufs/ufs/ufs_vnops.c index 971fce1f7f7d..1b461bdae8b8 100644 --- a/sys/ufs/ufs/ufs_vnops.c +++ b/sys/ufs/ufs/ufs_vnops.c @@ -645,13 +645,17 @@ ufs_chmod(vp, mode, cred, td) /* * Privileged processes may set the sticky bit on non-directories, * as well as set the setgid bit on a file with a group that the - * process is not a member of. + * process is not a member of. Both of these are allowed in + * jail(8). */ - if (suser_cred(cred, PRISON_ROOT)) { - if (vp->v_type != VDIR && (mode & S_ISTXT)) + if (vp->v_type != VDIR && (mode & S_ISTXT)) { + if (suser_cred(cred, PRISON_ROOT)) return (EFTYPE); - if (!groupmember(ip->i_gid, cred) && (mode & ISGID)) - return (EPERM); + } + if (!groupmember(ip->i_gid, cred) && (mode & ISGID)) { + error = suser_cred(cred, PRISON_ROOT); + if (error) + return (error); } ip->i_mode &= ~ALLPERMS; ip->i_mode |= (mode & ALLPERMS); |