authorJacques Vidrine <nectar@FreeBSD.org>2002-07-30 15:43:17 +0000
committerJacques Vidrine <nectar@FreeBSD.org>2002-07-30 15:43:17 +0000
commite3afd60e4ee251a15e97db8a50a9ca0e8dcd68f3 (patch)
tree7b7ee536dce68a7e2b1287e3042b4da056f47264
parentd0f410836af3101dfdab0b327c3f729d51df1a3f (diff)
MFC sys/kern/kern_exec.c 1.178: Fix ordering of set-(user|group)-ID checks.
Notes
Notes: svn path=/releng/4.5/; revision=100952
-rw-r--r--UPDATING6
-rw-r--r--sys/conf/newvers.sh2
-rw-r--r--sys/kern/kern_exec.c3
3 files changed, 8 insertions, 3 deletions
diff --git a/UPDATING b/UPDATING
index 918dfefb46ca..29dbcd0bccf0 100644
--- a/UPDATING
+++ b/UPDATING
@@ -11,7 +11,7 @@ the common items quick how-tos, followed by entries for versions of
This is for the 4.5 release branch. All entries since 4.5 are an
itemized list of commits to this branch, numbered from the beginning.
-By this count, we're at 4.5-RELEASE-p8.
+By this count, we're at 4.5-RELEASE-p10.
The security advisories related to various patches contain information
on how to build/install a minimal set of binaries and start/stop a
@@ -19,6 +19,10 @@ minimal number of processes, if possible, for that patch. For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.
+20020730: p10 FreeBSD-SA-02:23.stdio.v1.2
+ A bug in the previous patch for the vulnerability described
+ in FreeBSD-SA-02:23.stdio was found and corrected.
+
20020715: p9
Upgrade to BIND 8.3.3.
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 22ea25c9a5ae..bbd8c8faffd1 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -36,7 +36,7 @@
TYPE="FreeBSD"
REVISION="4.5"
-BRANCH="RELEASE-p9"
+BRANCH="RELEASE-p10"
RELEASE="${REVISION}-${BRANCH}"
VERSION="${TYPE} ${RELEASE}"
diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c
index a934572efeac..6760834e3005 100644
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@@ -328,6 +328,8 @@ interpret:
vrele(vtmp);
}
}
+ /* Close any file descriptors 0..2 that reference procfs */
+ setugidsafety(p);
/* Make sure file descriptors 0..2 are in use. */
error = fdcheckstd(p);
if (error != 0)
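Review bot: The comment added above `setugidsafety(p)` says what the call does but not that it must run before `fdcheckstd(p)`, and that ordering is the entire fix. Judging by the two comments, a descriptor closed after the "in use" check would presumably leave 0..2 unopened for the set-id image, so a later tidy-up that moves the call back next to the credential changes would quietly reintroduce the bug. I would extend the comment to something like `/* Close any file descriptors 0..2 that reference procfs. Must precede fdcheckstd() so that slots closed here are filled again. */`. The bodies of both helpers and the enclosing set-id condition lie outside this hunk, so it is worth confirming that `setugidsafety()` does not depend on the new credentials already being in place.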
@@ -340,7 +342,6 @@ interpret:
change_euid(p, attr.va_uid);
if (attr.va_mode & VSGID)
p->p_ucred->cr_gid = attr.va_gid;
- setugidsafety(p);
} else {
if (p->p_ucred->cr_uid == p->p_cred->p_ruid &&
p->p_ucred->cr_gid == p->p_cred->p_rgid)