Date: Thu, 24 Aug 2000 00:51:33 -0400 (EDT)
From: Brian Fundakowski Feldman
To: Robert Watson
Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/kern kern_resource.c

On Wed, 23 Aug 2000, Robert Watson wrote:

> On Wed, 16 Aug 2000, Brian Feldman wrote:
>
> > green 2000/08/16 16:28:55 PDT
> >
> > Modified files:
> > sys/kern kern_resource.c
> > Log:
> > Fix a couple cases where p_trespass wasn't transitioned into place.
> >
> > Make RTP_SET (rtprio) only accessible to real root, not root in jails.
>
> Errrr....
>
> case RTP_SET:
> - if (pcred->pc_ucred->cr_uid && pcred->p_ruid &&
> - pcred->pc_ucred->cr_uid != p->p_ucred->cr_uid &&
> - pcred->p_ruid != p->p_ucred->cr_uid)
> + if (p_trespass(curp, p) != 0)
> return (EPERM);
> /* disallow setting rtprio in most cases if not superuser
> */
> - if (suser(curp)) {
> + if (suser_xxx(NULL, curp, PRISON_ROOT) != 0) {
>
> That suser->suser_xxx change enables RTP_SET, not disables it. And the
> p_trespass replacement is not equivalent to what was there: p_trespass()
> allows suser_xxx(..., PRISON_ROOT) to override it, whereas the original
> check didn't. The other part of the commit (donice()) appears to do a
> redundant prison check, and checks suser() twice as a result.

Err... the first check? No way, man, that's not right. Read the first part of the if (). This check specifically allows root in jail OR out of jail, whereas p_trespass doesn't. How can you possibly evaluate it to mean otherwise? The first two checks in the if statement...

If you're sure about the suser_xxx/suser, it does seem you're right, I'll fix that back.

>
> There does need to be some cleanup here, but this cleanup is not the right
> cleanup. I have a pile of commits sitting ready to do on this code which
> clean this up, and make way for the capability support. Please back out
> your commit.
>
> Robert N M Watson
>
> robert@fledge.watson.org http://www.watson.org/~robert/
> PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
> TIS Labs at Network Associates, Safeport Network Services
>
>

--
 Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! /
 green@FreeBSD.org `------------------------------'
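
Review bot: On the last + line of the RTP_SET hunk, suser_xxx(NULL, curp, PRISON_ROOT) conflicts with the log message "Make RTP_SET (rtprio) only accessible to real root, not root in jails": passing PRISON_ROOT lets root inside a jail pass the check, while the removed suser(curp) refused it. If real root only is the intent, keep suser(curp) on that line. The first + line, p_trespass(curp, p) != 0, also needs a comment or log entry stating how it differs from the uid comparison it replaces: the removed condition never returned EPERM when the caller's cr_uid or p_ruid was 0, and the replies in this thread disagree on whether p_trespass() keeps that behaviour.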