Date: Tue, 4 Sep 2001 09:15:51 -0700 (PDT) From: Ruslan Ermilov <ru@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/usr.bin/at panic.c privs.h Message-ID: <200109041615.f84GFpx76144@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
ru 2001/09/04 09:15:51 PDT
Modified files:
usr.bin/at panic.c privs.h
Log:
SECURITY.
Fixed macros for temporarily relinquishing and restoring setuid/setgid
privileges so that they never change the real user and group IDs of
the calling process.
The setre[ug]id() calls are still used in the REDUCE_PERM macro (with
the r[ug]id arguments of -1) so that the call changes the saved user
and group IDs of the process to that specified.
Also, the panic() and perr() functions had insufficient privileges to
delete the problematic file under /var/at.
Revision Changes Path
1.11 +10 -3 src/usr.bin/at/panic.c
1.8 +38 -43 src/usr.bin/at/privs.h
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200109041615.f84GFpx76144>