Date: Wed, 14 Jun 2006 21:20:39 +0000 (UTC) From: Guy Helmer <ghelmer@FreeBSD.org> To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/fs/procfs procfs.c Message-ID: <200606142120.k5ELKdDB048447@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
ghelmer 2006-06-14 21:20:39 UTC
FreeBSD src repository
Modified files: (Branch: RELENG_6)
sys/fs/procfs procfs.c
Log:
MFC procfs.c revisions 1.13 and 1.14:
1.13: Revision 1.4 set access for all sensitive files in /proc/<PID> to mode 0
if a process's uid or gid has changed, but the /proc/<PID> directory
itself was also set to mode 0. Assuming this doesn't open any
security holes, open access to the /proc/<PID> directory for users
other than root to read or search the directory.
1.14: Upon further review, DES prefers this change over that in revision 1.13
to resolve the directory access problem for processes with P_SUGID flag
set.
Revision Changes Path
1.12.2.1 +4 -3 src/sys/fs/procfs/procfs.c
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200606142120.k5ELKdDB048447>