Date: Thu, 24 Aug 2000 00:51:33 -0400 (EDT)
From: Brian Fundakowski Feldman <green@FreeBSD.org>
To: Robert Watson <rwatson@FreeBSD.org>
Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/kern kern_resource.c
Message-ID: <Pine.BSF.4.21.0008240041310.52828-100000@green.dyndns.org>
In-Reply-To: <Pine.NEB.3.96L.1000823222605.26339A-100000@fledge.watson.org>

On Wed, 23 Aug 2000, Robert Watson wrote:
> On Wed, 16 Aug 2000, Brian Feldman wrote:
>
> > green 2000/08/16 16:28:55 PDT
> >
> > Modified files:
> > sys/kern kern_resource.c
> > Log:
> > Fix a couple cases where p_trespass wasn't transitioned into place.
> >
> > Make RTP_SET (rtprio) only accessible to real root, not root in jails.
>
> Errrr....
>
> case RTP_SET:
> - if (pcred->pc_ucred->cr_uid && pcred->p_ruid &&
> - pcred->pc_ucred->cr_uid != p->p_ucred->cr_uid &&
> - pcred->p_ruid != p->p_ucred->cr_uid)
> + if (p_trespass(curp, p) != 0)
> return (EPERM);
> /* disallow setting rtprio in most cases if not superuser
> */
> - if (suser(curp)) {
> + if (suser_xxx(NULL, curp, PRISON_ROOT) != 0) {
>
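Review bot: On the added `if (suser_xxx(NULL, curp, PRISON_ROOT) != 0) {` line, passing PRISON_ROOT lets root inside a jail pass the superuser check, which contradicts the log message's "only accessible to real root, not root in jails"; keeping `suser(curp)` at that spot would match the stated intent. The removed uid test admitted a caller whose `cr_uid` or `p_ruid` was 0 or equal to the target's `cr_uid`, and nothing in the hunk shows that `p_trespass(curp, p)` admits the same set, so a comment above the new check saying which callers it is meant to let through (jailed root included or not) would make the replacement reviewable.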
> That suser->suser_xxx change enables RTP_SET, not disables it. And the
> p_trespass replacement is not equivalent to what was there: p_trespass()
> allows suser_xxx(..., PRISON_ROOT) to override it, whereas the original
> check didn't. The other part of the commit (donice()) appears to do a
> redundant prison check, and checks suser() twice as a result.
Err... the first check? No way, man, that's not right. Read the
first part of the if (). This check specifically allows root in
jail OR out of jail, whereas p_trespass doesn't. How can you
possibly evaluate it to mean otherwise? The first two checks in the if
statement...
If you're sure about the suser_xxx/suser, it does seem you're right;
I'll fix that back.
>
> There does need to be some cleanup here, but this cleanup is not the right
> cleanup. I have a pile of commits sitting ready to do on this code which
> clean this up, and make way for the capability support. Please back out
> your commit.
>
> Robert N M Watson
>
> robert@fledge.watson.org http://www.watson.org/~robert/
> PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
> TIS Labs at Network Associates, Safeport Network Services
>
>
--
Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! /
green@FreeBSD.org `------------------------------'
