From b40ba3323ce10dc9107b9230446840ce179ef8bd Mon Sep 17 00:00:00 2001 From: deraadt Date: Sun, 2 Jul 2023 11:16:03 +0000 Subject: [PATCH] PS_CHROOT flag must also be copied when forking. This will block a ypconnect(2) from reading inside an incorrectly configured space. ok kettenis --- sys/kern/kern_fork.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sys/kern/kern_fork.c b/sys/kern/kern_fork.c index 6c28078ebc9..97c9c4b7c5c 100644 --- a/sys/kern/kern_fork.c +++ b/sys/kern/kern_fork.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_fork.c,v 1.247 2023/04/25 18:14:06 claudio Exp $ */ +/* $OpenBSD: kern_fork.c,v 1.248 2023/07/02 11:16:03 deraadt Exp $ */ /* $NetBSD: kern_fork.c,v 1.29 1996/02/09 18:59:34 christos Exp $ */ /* @@ -241,7 +241,8 @@ process_new(struct proc *p, struct process *parent, int flags) unveil_copy(parent, pr); pr->ps_flags = parent->ps_flags & - (PS_SUGID | PS_SUGIDEXEC | PS_PLEDGE | PS_EXECPLEDGE | PS_WXNEEDED); + (PS_SUGID | PS_SUGIDEXEC | PS_PLEDGE | PS_EXECPLEDGE | + PS_WXNEEDED | PS_CHROOT); if (parent->ps_session->s_ttyvp != NULL) pr->ps_flags |= parent->ps_flags & PS_CONTROLT; -- 2.20.1