Date: Thu, 1 Feb 2024 21:31:21 GMT From: Olivier Certner <olce@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: d2d66fedc418 - stable/14 - setusercontext(): Set priority from '~/.login_conf' as well Message-ID: <202402012131.411LVLka081005@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch stable/14 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=d2d66fedc418a9bccbe4ea92345f269106d6af32 commit d2d66fedc418a9bccbe4ea92345f269106d6af32 Author: Olivier Certner <olce@FreeBSD.org> AuthorDate: 2023-05-30 15:14:50 +0000 Commit: Olivier Certner <olce@FreeBSD.org> CommitDate: 2024-02-01 21:30:08 +0000 setusercontext(): Set priority from '~/.login_conf' as well Setting the process priority is done only when the current process' effective UID corresponds to that for which context is to be set. Consequently, setting priority is done with appropriate credentials and will fail if the target user tries to raise it unduly via his '~/.login_conf'. PR: 271751 Reviewed by: kib, Andrew Gierth <andrew_tao173.riddles.org.uk> Approved by: emaste (mentor) MFC after: 3 days Relnotes: yes Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40352 (cherry picked from commit f2a0277d3e51a6a839151eef17f466d0db2b7300) Approved by: markj (mentor) --- lib/libutil/login_class.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/libutil/login_class.c b/lib/libutil/login_class.c index f545e3661520..b4e52951bf9c 100644 --- a/lib/libutil/login_class.c +++ b/lib/libutil/login_class.c @@ -622,6 +622,8 @@ setusercontext(login_cap_t *lc, const struct passwd *pwd, uid_t uid, unsigned in */ if (geteuid() == uid && (lc = login_getuserclass(pwd)) != NULL) { setlogincontext(lc, pwd, flags); + if (flags & LOGIN_SETPRIORITY) + setclasspriority(lc, pwd); login_close(lc); }help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202402012131.411LVLka081005>