From owner-freebsd-security Wed Feb 7 06:30:24 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id GAA01827 for security-outgoing; Wed, 7 Feb 1996 06:30:24 -0800 (PST) Received: from who.cdrom.com (who.cdrom.com [192.216.222.3]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id GAA01822 for ; Wed, 7 Feb 1996 06:30:22 -0800 (PST) Received: from mail.cs.tu-berlin.de (root@mail.cs.tu-berlin.de [130.149.17.13]) by who.cdrom.com (8.6.12/8.6.11) with ESMTP id GAA00474 for ; Wed, 7 Feb 1996 06:29:36 -0800 Received: from gundula.cs.tu-berlin.de (wosch@gundula.cs.tu-berlin.de [130.149.17.46]) by mail.cs.tu-berlin.de (8.6.12/8.6.12) with ESMTP id PAA19852 for ; Wed, 7 Feb 1996 15:03:28 +0100 From: Wolfram Schneider Received: (wosch@localhost) by gundula.cs.tu-berlin.de (8.6.12/8.6.12) id PAA15972; Wed, 7 Feb 1996 15:03:24 +0100 Date: Wed, 7 Feb 1996 15:03:24 +0100 Message-Id: <199602071403.PAA15972@gundula.cs.tu-berlin.de> To: security@freebsd.org Subject: chown(2) patch MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Content-Conversion: prohibited Sender: owner-security@freebsd.org Precedence: bulk from bug reports [1995/08/13] kern/679 chown(2) ignores set-user-id and set-group-id bits for user root --- 1.1 1995/09/05 22:12:59 +++ ufs_vnops.c 1996/02/04 22:43:42 @@ -546,10 +546,24 @@ #endif /* QUOTA */ if (ouid != uid || ogid != gid) ip->i_flag |= IN_CHANGE; + +#ifdef COMPAT_CHOWN + /* clear suid/sgid flag for non-root files */ if (ouid != uid && cred->cr_uid != 0) ip->i_mode &= ~ISUID; if (ogid != gid && cred->cr_uid != 0) ip->i_mode &= ~ISGID; +#else + /* + * always clear suid/sgid flags, + * also for root like manpage claims + */ + + if (ouid != uid) + ip->i_mode &= ~ISUID; + if (ogid != gid) + ip->i_mode &= ~ISGID; +#endif /* !COMPAT_COMPAT */ return (0); }