[src/trunk]: src/sys Don't abuse INSECURE for allowing exec() to load files n...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/sys Don't abuse INSECURE for allowing exec() to load files n...
From: elad <elad%NetBSD.org@localhost>
Date: Mon, 06 Apr 2020 18:19:15 +0000

details:   https://anonhg.NetBSD.org/src/rev/26200c49d7ff
branches:  trunk
changeset: 750395:26200c49d7ff
user:      elad <elad%NetBSD.org@localhost>
date:      Tue Dec 29 20:21:45 2009 +0000

description:
Don't abuse INSECURE for allowing exec() to load files not owned by uid 0.

Adjust references where this has been used.

diffstat:

 sys/arch/amiga/stand/bootblock/boot/Makefile       |   6 +++---
 sys/arch/amiga/stand/bootblock/bootxx_ffs/Makefile |   4 ++--
 sys/arch/amiga/stand/bootblock/ppcboot/Makefile    |   4 ++--
 sys/arch/next68k/stand/boot/Makefile               |   4 ++--
 sys/lib/libsa/exec.c                               |  12 ++++--------
 5 files changed, 13 insertions(+), 17 deletions(-)

diffs (116 lines):

diff -r f4951ab9b266 -r 26200c49d7ff sys/arch/amiga/stand/bootblock/boot/Makefile
--- a/sys/arch/amiga/stand/bootblock/boot/Makefile      Tue Dec 29 20:15:15 2009 +0000
+++ b/sys/arch/amiga/stand/bootblock/boot/Makefile      Tue Dec 29 20:21:45 2009 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: Makefile,v 1.40 2009/10/17 11:18:17 mlelstv Exp $
+#      $NetBSD: Makefile,v 1.41 2009/12/29 20:21:45 elad Exp $
 
 .include <bsd.sys.mk>          # for HOST_SH
 
@@ -48,8 +48,8 @@
 
 OBJS=  $(SOBJS) $(COBJS)
 
-#XX#DEFS = -D_STANDALONE -DINSECURE -DDYNAMIC_CRC_TABLE -DNOBYFOUR -UBYFOUR 
-DEFS = -D_STANDALONE -DINSECURE 
+#XX#DEFS = -D_STANDALONE -DSA_EXEC_ANYOWNER -DDYNAMIC_CRC_TABLE -DNOBYFOUR -UBYFOUR 
+DEFS = -D_STANDALONE -DSA_EXEC_ANYOWNER 
 DEFS += -D__INTERNAL_LIBSA_CREAD
 #DEFS += -DSERCONSOLE
 SOBJS += cread.o
diff -r f4951ab9b266 -r 26200c49d7ff sys/arch/amiga/stand/bootblock/bootxx_ffs/Makefile
--- a/sys/arch/amiga/stand/bootblock/bootxx_ffs/Makefile        Tue Dec 29 20:15:15 2009 +0000
+++ b/sys/arch/amiga/stand/bootblock/bootxx_ffs/Makefile        Tue Dec 29 20:21:45 2009 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: Makefile,v 1.11 2009/01/12 07:42:30 tsutsui Exp $
+#      $NetBSD: Makefile,v 1.12 2009/12/29 20:21:46 elad Exp $
 
 ### what we need:
 
@@ -33,7 +33,7 @@
 
 OBJS=  $(SOBJS) $(COBJS)
 
-DEFS = -D_STANDALONE -DINSECURE -D_PRIMARY_BOOT
+DEFS = -D_STANDALONE -DSA_EXEC_ANYOWNER -D_PRIMARY_BOOT
 
 .NOPATH: ${OBJS} x.out f.out libboot.a xxstart.o
 
diff -r f4951ab9b266 -r 26200c49d7ff sys/arch/amiga/stand/bootblock/ppcboot/Makefile
--- a/sys/arch/amiga/stand/bootblock/ppcboot/Makefile   Tue Dec 29 20:15:15 2009 +0000
+++ b/sys/arch/amiga/stand/bootblock/ppcboot/Makefile   Tue Dec 29 20:21:45 2009 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: Makefile,v 1.6 2008/10/19 22:05:21 apb Exp $
+#      $NetBSD: Makefile,v 1.7 2009/12/29 20:21:46 elad Exp $
 
 ### what we need:
 
@@ -28,7 +28,7 @@
 
 OBJS=  $(SOBJS) $(COBJS)
 
-DEFS = -DPPCBOOTER -D_STANDALONE -DINSECURE -DDEBUG_MEMORY_LIST
+DEFS = -DPPCBOOTER -D_STANDALONE -DSA_EXEC_ANYOWNER -DDEBUG_MEMORY_LIST
 
 ### main target: ###
 
diff -r f4951ab9b266 -r 26200c49d7ff sys/arch/next68k/stand/boot/Makefile
--- a/sys/arch/next68k/stand/boot/Makefile      Tue Dec 29 20:15:15 2009 +0000
+++ b/sys/arch/next68k/stand/boot/Makefile      Tue Dec 29 20:21:45 2009 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: Makefile,v 1.22 2009/01/12 07:47:47 tsutsui Exp $
+#      $NetBSD: Makefile,v 1.23 2009/12/29 20:21:46 elad Exp $
 
 NOMAN= # defined
 
@@ -25,7 +25,7 @@
 # XXX make defs arch-indep.
 INCLUDES+=     -I${.OBJDIR} -I${S}/arch -I${S} -I${S}/lib/libsa 
 DEFS+=         -D_STANDALONE -DMC68040 -DSUPPORT_BOOTP -DSUPPORT_DHCP  -DDEBUG -DSD_DEBUG -DSCSI_DEBUG # -DEN_DEBUG   -DNETIF_DEBUG  
-SAMISCCPPFLAGS=        -DSUPPORT_DHCP -DSUPPORT_BOOTP -DINSECURE # -DBOOTP_DEBUG -DETHER_DEBUG -DNET_DEBUG # -DNETIF_DEBUG -DNFS_DEBUG  -DARP_DEBUG 
+SAMISCCPPFLAGS=        -DSUPPORT_DHCP -DSUPPORT_BOOTP -DSA_EXEC_ANYOWNER # -DBOOTP_DEBUG -DETHER_DEBUG -DNET_DEBUG # -DNETIF_DEBUG -DNFS_DEBUG  -DARP_DEBUG 
 WARNS=1
 CFLAGS+=        -ffreestanding -nostdinc ${INCLUDES} ${DEFS}
 CFLAGS+=       -Wall -Wmissing-prototypes -Wstrict-prototypes -Wpointer-arith
diff -r f4951ab9b266 -r 26200c49d7ff sys/lib/libsa/exec.c
--- a/sys/lib/libsa/exec.c      Tue Dec 29 20:15:15 2009 +0000
+++ b/sys/lib/libsa/exec.c      Tue Dec 29 20:21:45 2009 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: exec.c,v 1.27 2009/08/16 13:26:16 matt Exp $   */
+/*     $NetBSD: exec.c,v 1.28 2009/12/29 20:21:46 elad Exp $   */
 
 /*-
  * Copyright (c) 1982, 1986, 1990, 1993
@@ -29,13 +29,9 @@
  * SUCH DAMAGE.
  */
 
-#ifdef _KERNEL_OPT
-#include "opt_insecure.h"
-#endif
-
 #include <sys/param.h>
 #include <sys/reboot.h>
-#ifndef INSECURE
+#ifndef SA_EXEC_ANYOWNER
 #include <sys/stat.h>
 #endif
 #include <sys/exec_aout.h>
@@ -50,7 +46,7 @@
 void
 exec(char *path, char *loadaddr, int howto)
 {
-#ifndef INSECURE
+#ifndef SA_EXEC_ANYOWNER
        struct stat sb;
 #endif
        struct exec x;
@@ -61,7 +57,7 @@
        if (io < 0)
                return;
 
-#ifndef INSECURE
+#ifndef SA_EXEC_ANYOWNER
        (void) fstat(io, &sb);
        if (sb.st_uid || (sb.st_mode & 2)) {
                printf("non-secure file, will not load\n");

Prev by Date: [src/trunk]: src/usr.bin/login kill the space in address formatting to match ...
Next by Date: [src/trunk]: src/tools To unbreak the build, temporarily remove the build of ...
Previous by Thread: [src/trunk]: src/usr.bin/login kill the space in address formatting to match ...
Next by Thread: [src/trunk]: src/tools To unbreak the build, temporarily remove the build of ...
Indexes:

Home | Main Index | Thread Index | Old Index