Date: Tue, 1 Sep 2015 06:32:03 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r287346 - head/usr.sbin/trpt Message-ID: <201509010632.t816W3PK039082@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Tue Sep 1 06:32:02 2015 New Revision: 287346 URL: https://svnweb.freebsd.org/changeset/base/287346 Log: Check and fail if drop of privileges failed. MFC after: 2 weeks Modified: head/usr.sbin/trpt/trpt.c Modified: head/usr.sbin/trpt/trpt.c ============================================================================== --- head/usr.sbin/trpt/trpt.c Tue Sep 1 06:28:16 2015 (r287345) +++ head/usr.sbin/trpt/trpt.c Tue Sep 1 06:32:02 2015 (r287346) @@ -148,7 +148,8 @@ main(int argc, char **argv) * Discard setgid privileges if not the running kernel so that * bad guys can't print interesting stuff from kernel memory. */ - setgid(getgid()); + if (setgid(getgid()) != 0) + err(1, "setgid"); } else syst = getbootfile(); @@ -157,7 +158,8 @@ main(int argc, char **argv) errx(1, "%s: no namelist", syst); if ((memf = open(core, O_RDONLY)) < 0) err(2, "%s", core); - setgid(getgid()); + if (setgid(getgid()) != 0) + err(1, "setgid"); if (kflag) errx(1, "can't do core files yet"); (void)klseek(memf, (off_t)nl[N_TCP_DEBX].n_value, L_SET);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201509010632.t816W3PK039082>