-.\" $OpenBSD: issetugid.2,v 1.6 1997/02/05 22:56:43 deraadt Exp $
+.\" $OpenBSD: issetugid.2,v 1.7 1997/02/18 00:16:09 deraadt Exp $
.\"
.\" Copyright (c) 1980, 1991, 1993
.\" The Regents of the University of California. All rights reserved.
.Pp
.Fn issetugid
is unaffected by calls to
-.Fn setuid
+.Fn setuid ,
+.Fn fork ,
and other such calls. It is only controlled by
.Fn execve .
.Sh ERRORS
-/* $OpenBSD: kern_exec.c,v 1.7 1996/08/31 09:24:09 pefo Exp $ */
+/* $OpenBSD: kern_exec.c,v 1.8 1997/02/18 00:16:05 deraadt Exp $ */
/* $NetBSD: kern_exec.c,v 1.75 1996/02/09 18:59:28 christos Exp $ */
/*-
wakeup((caddr_t) p->p_pptr);
}
+ /*
+ * If process does execve() while it has euid/uid or egid/gid
+ * which are mismatched, it remains P_SUGIDEXEC.
+ */
+ if (p->p_ucred->cr_uid == p->p_cred->p_ruid &&
+ p->p_ucred->cr_gid == p->p_cred->p_rgid)
+ p->p_flag &= ~P_SUGIDEXEC;
+
/*
* deal with set[ug]id.
* MNT_NOEXEC and P_TRACED have already been used to disable s[ug]id.
p->p_ucred->cr_gid = attr.va_gid;
p->p_flag |= P_SUGID;
p->p_flag |= P_SUGIDEXEC;
- } else {
+ } else
p->p_flag &= ~P_SUGID;
- p->p_flag &= ~P_SUGIDEXEC;
- }
p->p_cred->p_svuid = p->p_ucred->cr_uid;
p->p_cred->p_svgid = p->p_ucred->cr_gid;
projects / openbsd / commitdiff