Date:      Sun, 27 Jan 2008 15:54:57 GMT
From:      Robert Watson <rwatson@FreeBSD.org>
To:        Perforce Change Reviews <perforce@freebsd.org>
Subject:   PERFORCE change 134203 for review
Message-ID:  <200801271554.m0RFsv3P000790@repoman.freebsd.org>

http://perforce.freebsd.org/chv.cgi?CH=134203

Change 134203 by rwatson@rwatson_freebsd_capabilities on 2008/01/27 15:54:17

	In capabilities mode, don't allow the use of interpreters.

Affected files ...

.. //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_exec.c#5 edit

Differences ...

==== //depot/projects/trustedbsd/capabilities/src/sys/kern/kern_exec.c#5 (text+ko) ====

@@ -384,6 +384,18 @@
 
 interpret:
 	if (args->fname != NULL) {
+		/*
+		 * While capability mode can't reach this point via direct
+		 * path arguments to execve(), we also don't allow
+		 * interpreters to be used in capability mode (for now).
+		 * Catch indirect lookups and return a permissions error.
+		 *
+		 * XXXRW: Is this the right error?
+		 */
+		if (td->td_ucred->cr_flags & CRED_FLAG_CAPMODE) {
+			error = EPERM;
+			goto exec_fail;
+		}
 		error = namei(ndp);
 		if (error)
 			goto exec_fail;
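
Review bot: The new check at the top of the `args->fname != NULL` branch tests only `CRED_FLAG_CAPMODE`, so it rejects every path-based lookup that reaches `interpret:`. It works as an interpreter ban only because of the invariant stated in the comment, that capability mode cannot arrive here via a direct path argument to execve(). Nothing in the hunk enforces or asserts that invariant, so if a later change lets a capability-mode process reach this branch on its first pass, the resulting EPERM will be indistinguishable from an interpreter denial. Consider also conditioning on the state that marks an interpreter re-entry, or asserting the invariant, so the code matches what the comment claims. The XXXRW question about EPERM should be settled before this leaves the branch: a caller cannot tell this denial from an ordinary permissions failure, and the "(for now)" in the comment suggests the restriction is expected to change.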


