summaryrefslogtreecommitdiff
path: root/sys/kern
diff options
context:
space:
mode:
authorEdward Tomasz Napierala <trasz@FreeBSD.org>2021-07-20 08:56:04 +0000
committerEdward Tomasz Napierala <trasz@FreeBSD.org>2022-02-14 18:42:21 +0000
commit460b4b550dc9619f33a0d1af3870eaef60b04797 (patch)
treeb7bbcc372632d035ea5e5679ef569aac45b278c2 /sys/kern
parentc428292cb3768d913eda6d546ece59379b6277d5 (diff)
Diffstat (limited to 'sys/kern')
-rw-r--r--sys/kern/vfs_syscalls.c17
1 files changed, 15 insertions, 2 deletions
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c
index 3d1e7d9c73fa..19a32a175895 100644
--- a/sys/kern/vfs_syscalls.c
+++ b/sys/kern/vfs_syscalls.c
@@ -956,6 +956,10 @@ kern_chdir(struct thread *td, const char *path, enum uio_seg pathseg)
return (0);
}
+static int unprivileged_chroot = 0;
+SYSCTL_INT(_security_bsd, OID_AUTO, unprivileged_chroot, CTLFLAG_RW,
+ &unprivileged_chroot, 0,
+ "Unprivileged processes can use chroot(2)");
/*
* Change notion of root (``/'') directory.
*/
@@ -968,11 +972,20 @@ int
sys_chroot(struct thread *td, struct chroot_args *uap)
{
struct nameidata nd;
+ struct proc *p;
int error;
error = priv_check(td, PRIV_VFS_CHROOT);
- if (error != 0)
- return (error);
+ if (error != 0) {
+ p = td->td_proc;
+ PROC_LOCK(p);
+ if (unprivileged_chroot == 0 ||
+ (p->p_flag2 & P2_NO_NEW_PRIVS) == 0) {
+ PROC_UNLOCK(p);
+ return (error);
+ }
+ PROC_UNLOCK(p);
+ }
NDINIT(&nd, LOOKUP, FOLLOW | LOCKSHARED | LOCKLEAF | AUDITVNODE1,
UIO_USERSPACE, uap->path, td);
error = namei(&nd);
generated by cgit v1.3 (git 2.53.0) at 2026-04-20 20:17:21 +0000