patches for easier mirroring, to eliminate a special copy, to make www.freebsd.org/security a full copy of security.freebsd.org and be eventually be the same. For now files are just sitting there. The symlinks are missing. Discussed on: www (repository location) Discussed with: simon (so)
112 lines
3.8 KiB
Diff
112 lines
3.8 KiB
Diff
Index: sys/sys/filedesc.h
|
|
===================================================================
|
|
RCS file: /home/ncvs/src/sys/sys/filedesc.h,v
|
|
retrieving revision 1.19.2.3
|
|
diff -u -r1.19.2.3 filedesc.h
|
|
--- sys/sys/filedesc.h 2000/11/26 02:30:08 1.19.2.3
|
|
+++ sys/sys/filedesc.h 2002/04/19 14:25:39
|
|
@@ -142,6 +142,7 @@
|
|
void fdfree __P((struct proc *p));
|
|
int closef __P((struct file *fp,struct proc *p));
|
|
void fdcloseexec __P((struct proc *p));
|
|
+int fdcheckstd __P((struct proc *p));
|
|
struct file *holdfp __P((struct filedesc* fdp, int fd, int flag));
|
|
int getvnode __P((struct filedesc *fdp, int fd, struct file **fpp));
|
|
int fdissequential __P((struct file *));
|
|
Index: sys/kern/kern_exec.c
|
|
===================================================================
|
|
RCS file: /home/ncvs/src/sys/kern/kern_exec.c,v
|
|
retrieving revision 1.107.2.13
|
|
diff -u -r1.107.2.13 kern_exec.c
|
|
--- sys/kern/kern_exec.c 2002/01/22 17:22:59 1.107.2.13
|
|
+++ sys/kern/kern_exec.c 2002/04/19 14:25:39
|
|
@@ -328,6 +328,10 @@
|
|
vrele(vtmp);
|
|
}
|
|
}
|
|
+ /* Make sure file descriptors 0..2 are in use. */
|
|
+ error = fdcheckstd(p);
|
|
+ if (error != 0)
|
|
+ goto exec_fail_dealloc;
|
|
/*
|
|
* Set the new credentials.
|
|
*/
|
|
Index: sys/kern/kern_descrip.c
|
|
===================================================================
|
|
RCS file: /home/ncvs/src/sys/kern/kern_descrip.c,v
|
|
retrieving revision 1.81.2.10
|
|
diff -u -r1.81.2.10 kern_descrip.c
|
|
--- sys/kern/kern_descrip.c 2002/02/16 09:23:37 1.81.2.10
|
|
+++ sys/kern/kern_descrip.c 2002/04/19 14:25:39
|
|
@@ -50,6 +50,7 @@
|
|
#include <sys/sysctl.h>
|
|
#include <sys/vnode.h>
|
|
#include <sys/proc.h>
|
|
+#include <sys/namei.h>
|
|
#include <sys/file.h>
|
|
#include <sys/stat.h>
|
|
#include <sys/filio.h>
|
|
@@ -1181,6 +1182,63 @@
|
|
}
|
|
while (fdp->fd_lastfile > 0 && fdp->fd_ofiles[fdp->fd_lastfile] == NULL)
|
|
fdp->fd_lastfile--;
|
|
+}
|
|
+
|
|
+/*
|
|
+ * It is unsafe for set[ug]id processes to be started with file
|
|
+ * descriptors 0..2 closed, as these descriptors are given implicit
|
|
+ * significance in the Standard C library. fdcheckstd() will create a
|
|
+ * descriptor referencing /dev/null for each of stdin, stdout, and
|
|
+ * stderr that is not already open.
|
|
+ */
|
|
+int
|
|
+fdcheckstd(p)
|
|
+ struct proc *p;
|
|
+{
|
|
+ struct nameidata nd;
|
|
+ struct filedesc *fdp;
|
|
+ struct file *fp;
|
|
+ register_t retval;
|
|
+ int fd, i, error, flags, devnull;
|
|
+
|
|
+ fdp = p->p_fd;
|
|
+ if (fdp == NULL)
|
|
+ return (0);
|
|
+ devnull = -1;
|
|
+ error = 0;
|
|
+ for (i = 0; i < 3; i++) {
|
|
+ if (fdp->fd_ofiles[i] != NULL)
|
|
+ continue;
|
|
+ if (devnull < 0) {
|
|
+ error = falloc(p, &fp, &fd);
|
|
+ if (error != 0)
|
|
+ break;
|
|
+ NDINIT(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, "/dev/null",
|
|
+ p);
|
|
+ flags = FREAD | FWRITE;
|
|
+ error = vn_open(&nd, flags, 0);
|
|
+ if (error != 0) {
|
|
+ fdp->fd_ofiles[i] = NULL;
|
|
+ fdrop(fp, p);
|
|
+ break;
|
|
+ }
|
|
+ NDFREE(&nd, NDF_ONLY_PNBUF);
|
|
+ fp->f_data = (caddr_t)nd.ni_vp;
|
|
+ fp->f_flag = flags;
|
|
+ fp->f_ops = &vnops;
|
|
+ fp->f_type = DTYPE_VNODE;
|
|
+ VOP_UNLOCK(nd.ni_vp, 0, p);
|
|
+ devnull = fd;
|
|
+ } else {
|
|
+ error = fdalloc(p, 0, &fd);
|
|
+ if (error != 0)
|
|
+ break;
|
|
+ error = do_dup(fdp, devnull, fd, &retval, p);
|
|
+ if (error != 0)
|
|
+ break;
|
|
+ }
|
|
+ }
|
|
+ return (error);
|
|
}
|
|
|
|
/*
|