Re: CVS commit: src

To: elad%netbsd.org@localhost
Subject: Re: CVS commit: src
From: Andrew Doran <ad%netbsd.org@localhost>
Date: Sun, 25 Nov 2007 18:24:45 +0000

> Committed By: elad
> Date:         Sun Nov 25 00:35:28 UTC 2007
> 
> Modified Files:
>       src/share/man/man9: kauth.9
>       src/sys/compat/hpux: hpux_compat.c
>       src/sys/compat/linux/common: linux_misc_notalpha.c linux_time.c
>       src/sys/compat/linux32/common: linux32_time.c
>       src/sys/compat/netbsd32: netbsd32_time.c
>       src/sys/dev: clockctl.c
>       src/sys/kern: kern_time.c
>       src/sys/secmodel/bsd44: secmodel_bsd44_suser.c
>       src/sys/secmodel/securelevel: secmodel_securelevel.c
>       src/sys/sys: timevar.h
> 
> Log Message:
> Refactor time modification checks and place them in the secmodel code.

The wrong credential is being used to authorize the request.

Accessing p_cred requires holding the corresponding lock which is not done
here. As a result there is a race condition. For example, given the right
conditions a non-root user could change the clock.

Andrew

Follow-Ups:
- Re: CVS commit: src
  - From: Elad Efrat

Prev by Date: CVS commit: src/sys/fs/hfs
Next by Date: Re: CVS commit: src
Previous by Thread: CVS commit: src/sys/fs/hfs
Next by Thread: Re: CVS commit: src
Indexes:

Home | Main Index | Thread Index | Old Index