From owner-freebsd-bugs Thu Jul 18 16:40:04 1996
Return-Path: owner-bugs
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA28837 for bugs-outgoing; Thu, 18 Jul 1996 16:40:04 -0700 (PDT)
Received: (from gnats@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id QAA28830; Thu, 18 Jul 1996 16:40:02 -0700 (PDT)
Resent-Date: Thu, 18 Jul 1996 16:40:02 -0700 (PDT)
Resent-Message-Id: <199607182340.QAA28830@freefall.freebsd.org>
Resent-From: gnats (GNATS Management)
Resent-To: freebsd-bugs
Resent-Reply-To: FreeBSD-gnats@freefall.FreeBSD.org, pst@jnx.com
Received: from red.jnx.com (ppp-2-219.sntc01.pacbell.net [206.170.2.219]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id QAA28011 for ; Thu, 18 Jul 1996 16:32:01 -0700 (PDT)
Received: (from pst@localhost) by red.jnx.com (8.7.5/8.7.3) id PAA14261; Thu, 18 Jul 1996 15:22:36 -0700 (PDT)
Message-Id: <199607182222.PAA14261@red.jnx.com>
Date: Thu, 18 Jul 1996 15:22:36 -0700 (PDT)
From: Paul Traina
Reply-To: pst@jnx.com
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.2
Subject: kern/1399: vnode-pager
Sender: owner-bugs@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>Number: 1399
>Category: kern
>Synopsis: invoking setuid programs over NFS case vnode_pager error msgs
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Jul 18 16:40:02 PDT 1996
>Last-Modified:
>Originator: Paul Traina
>Organization: Juniper Networks, Inc.
>Release: FreeBSD 2.2-CURRENT i386
>Environment:

    FreeBSD 2.2-CURRENT FreeBSD 2.2-CURRENT #0: Wed Jul 17 18:28:54 PDT 1996

>Description:

    vnode_pager_getpages: I/O read error
    vm_fault: pager input (probably hardware) error, PID 12278 failure
    pid 12278 (R), uid 0: exited on signal 11

Is generated when I attempt to execute a setuid root program over NFS
where the setuid program can no longer read itself once it has begun
to operate.

>How-To-Repeat:

I created the following program:

    -r-sr-x--- 1 root pst 13039 Jul 17 14:05 bin/i386/foobar

Once the program begins to execute, it is no longer readable by the new
effective UID because this program is being read in over NFS and the
standard root privilege mapping prohibits reading.

Changing the permissions on the program to

    -r-sr-xr-x 1 root pst 13039 Jul 17 14:05 bin/i386/foobar

solves the problem, but clearly the error message is incorrect, and in
fact we should handle this situation a tad more gracefully.

I don't have the slightest idea how to change the vnode pager, but it
probably should continue to operate under the original uid of the invoker
(ugh, what would that change break elsewhere?) as a conservative measure
since the invoker could never have started the program otherwise.

>Fix:
>Audit-Trail:
>Unformatted:
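
Added example, not part of the original report and not FreeBSD code: a small C model of the permission check described above, usable to audit setuid modes on NFS-exported trees. It assumes the server replaces a uid 0 credential wholesale with an anonymous one (uid and gid 65534 here, a constructed value) and that the client only needs the execute bit to start the image; all names are hypothetical.

```c
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>

/* Assumption: anonymous credential the server substitutes for squashed root. */
#define ANON_UID ((uid_t)65534)
#define ANON_GID ((gid_t)65534)

struct cred { uid_t uid; gid_t gid; };

/* Classic owner/group/other check; want is a 3-bit rwx mask (4=r, 1=x). */
static int allowed(mode_t mode, uid_t fuid, gid_t fgid, struct cred c, mode_t want)
{
    if (c.uid == fuid) return ((mode >> 6) & want) == want;
    if (c.gid == fgid) return ((mode >> 3) & want) == want;
    return (mode & want) == want;
}

/* Credential as the NFS server sees it: root is mapped to the anonymous user. */
static struct cred squash(struct cred c)
{
    if (c.uid == 0) { c.uid = ANON_UID; c.gid = ANON_GID; }
    return c;
}

/* Returns 1 when the invoker can start the image but, once the setuid bit
 * has changed the effective uid, later page-ins would be refused. */
int exec_then_unreadable(mode_t mode, uid_t fuid, gid_t fgid, struct cred invoker)
{
    struct cred running = invoker;
    if (!allowed(mode, fuid, fgid, invoker, 1))
        return 0;                      /* never starts, nothing to page in */
    if (mode & S_ISUID)
        running.uid = fuid;            /* effective uid after exec */
    return !allowed(mode, fuid, fgid, squash(running), 4);
}

int main(void)
{
    struct cred pst = { 1001, 100 };   /* constructed uid/gid for the invoker */
    /* The two modes from the report: owner root (0), group pst (100). */
    printf("-r-sr-x---: %d\n", exec_then_unreadable(04550, 0, 100, pst));
    printf("-r-sr-xr-x: %d\n", exec_then_unreadable(04555, 0, 100, pst));
    return 0;
}
```

A result of 1 marks a mode that reproduces the condition in the report; 0 means the image stays readable or could not be started by that invoker at all.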