From owner-cvs-sys Sun Aug 3 22:41:33 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id WAA15369 for cvs-sys-outgoing; Sun, 3 Aug 1997 22:41:33 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id WAA15338; Sun, 3 Aug 1997 22:41:03 -0700 (PDT) From: David Greenman Received: (from davidg@localhost) by freefall.freebsd.org (8.8.6/8.8.5) id WAA14781; Sun, 3 Aug 1997 22:39:24 -0700 (PDT) Date: Sun, 3 Aug 1997 22:39:24 -0700 (PDT) Message-Id: <199708040539.WAA14781@freefall.freebsd.org> To: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, cvs-sys@FreeBSD.ORG Subject: cvs commit: src/sys/kern kern_exec.c Sender: owner-cvs-sys@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk davidg 1997/08/03 22:39:24 PDT Modified files: sys/kern kern_exec.c Log: Fixed security hole with sharing the file descriptor table (via rfork) when execing a setuid/setgid binary. Code submitted by Sean Eric Fagan (sef@freebsd.org). Also consolidated the setuid/setgid checks into one place. Reviewed by: dyson,sef Revision Changes Path 1.64 +18 -10 src/sys/kern/kern_exec.c