Date: Sat, 13 Dec 1997 16:26:35 -0800 (PST) From: dswartz@druber.com To: freebsd-gnats-submit@FreeBSD.ORG Subject: kern/5285: quotas do not work properly with setuid programs. Message-ID: <199712140026.QAA27443@hub.freebsd.org> Resent-Message-ID: <199712140030.QAA27840@hub.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 5285 >Category: kern >Synopsis: quotas do not work properly with setuid programs. >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat Dec 13 16:30:01 PST 1997 >Last-Modified: >Originator: Dan Swartzendruber >Organization: Swartzendruber Consulting >Release: 2.2.5 >Environment: FreeBSD mail2.kersur.net 2.2.5-RELEASE FreeBSD 2.2.5-RELEASE #1: Thu Dec 11 18:11:52 EST 1997 root@mail2.kersur.net:/usr/src/sys/compile/MAIL i386 >Description: Apparently, the quota checking code in ufs/ufs/ufs_quota.c (possibly elsewhere, this is just what I happened to see) does not apply quota to UID 0, which is not unreasonable. However, it checks the UID in the current credential, *not* the current mode the process is in, so a setuid program that becomes non-privileged does not have that UID quota applied to it. This is related to a similar problem report that was made vs sendmail/mail.local. The proposed fix does not work, for the reasons I have already described. >How-To-Repeat: Write a "C" program that does setuid(xxx), where xxx is a UID that is over quota on some filesystem. Have that program create and write to a file on that filesystem after doing said setuid(). It will work. >Fix: Dunno. >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199712140026.QAA27443>