diff options
author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2002-07-11 16:47:55 +0000 |
---|---|---|
committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2002-07-11 16:47:55 +0000 |
commit | 1a6496aa3fb8824f56168d99e46c484cf3980670 (patch) | |
tree | 6c456c86e69ca38ddb872381480d6a9533ec765f | |
parent | 2e6ab48414fb2a99a016787e384f5e99f765674f (diff) | |
download | src-1a6496aa3fb8824f56168d99e46c484cf3980670.tar.gz src-1a6496aa3fb8824f56168d99e46c484cf3980670.zip |
Notes
-rw-r--r-- | UPDATING | 3 | ||||
-rw-r--r-- | sys/kern/kern_ktrace.c | 3 |
2 files changed, 5 insertions, 1 deletions
@@ -19,6 +19,9 @@ minimal number of processes, if possible, for that patch. For those updates that don't have an advisory, or to be safe, you can do a full build and install as described in the COMMON ITEMS section. +20020711: FreeBSD-SA-02:30.ktrace + Prevent users from tracing previously privileged processes. + 20020626: p7 FreeBSD-SA-02:28.resolv A fix for a buffer overflow in libc has been corrected. diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c index c535097ace32..7a453d46608b 100644 --- a/sys/kern/kern_ktrace.c +++ b/sys/kern/kern_ktrace.c @@ -571,7 +571,8 @@ ktrcanset(callp, targetp) target->p_ruid == target->p_svuid && caller->p_rgid == target->p_rgid && /* XXX */ target->p_rgid == target->p_svgid && - (targetp->p_traceflag & KTRFAC_ROOT) == 0) || + (targetp->p_traceflag & KTRFAC_ROOT) == 0 && + (targetp->p_flag & P_SUGID) == 0) || caller->pc_ucred->cr_uid == 0) return (1); |