Subject: Re: coredump following symlinks
To: None <tech-kern@NetBSD.org>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: tech-kern
Date: 08/27/1999 16:35:03
--0OAP2g/MAC+5xKAE
Content-Type: text/plain; charset=us-ascii
On Fri, Aug 27, 1999 at 04:34:15PM +0200, Manuel Bouyer wrote:
> Ok, here's another diff which takes into account the different objections I've got.
> Now a core file is erased, or a symlink is followed, only if the effective
> user id is the same as the owner of the existing file or symlink.
> I hope this one will make everyone happy :)
> If no one objects I'll commit this tomorrow.
>
> --
> Manuel Bouyer, LIP6, Universite Paris VI. Manuel.Bouyer@lip6.fr
> --
Arg, I did it again, I forgot to attach the diff !
--0OAP2g/MAC+5xKAE
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=diff
Index: kern_sig.c
===================================================================
RCS file: /cvsroot/syssrc/sys/kern/kern_sig.c,v
retrieving revision 1.92
diff -u -r1.92 kern_sig.c
--- kern_sig.c 1999/07/25 06:30:34 1.92
+++ kern_sig.c 1999/08/27 14:18:59
@@ -1263,6 +1263,7 @@
register struct ucred *cred = p->p_cred->pc_ucred;
struct nameidata nd;
struct vattr vattr;
+ struct stat stat;
int error, error1;
char name[MAXCOMLEN+6]; /* progname.core */
struct core core;
@@ -1297,6 +1298,22 @@
sprintf(name, "core");
else
sprintf(name, "%s.core", p->p_comm);
+ NDINIT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF, UIO_SYSSPACE, name, p);
+ error = namei(&nd);
+ if (error == 0) {
+ error = vn_stat(nd.ni_vp, &stat, p);
+ vput(nd.ni_vp);
+ if (error)
+ return error;
+ /*
+ * Don't dump if the owner of the
+ * process is not the one owning the existing file/symlink
+ */
+ if (stat.st_uid != p->p_ucred->cr_uid)
+ return EINVAL;
+ } else if (error != ENOENT)
+ return error;
+ /* Now follow symlink if there is one */
NDINIT(&nd, LOOKUP, FOLLOW, UIO_SYSSPACE, name, p);
error = vn_open(&nd, O_CREAT | FWRITE, S_IRUSR | S_IWUSR);
if (error)
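Review bot: The ownership test added above the `/* Now follow symlink if there is one */` comment checks one lookup of `name` (`namei` with `NOFOLLOW`), but the dump is written through a second, independent lookup (`vn_open` with `FOLLOW`). The vnode is released by `vput` in between, so the object that was checked is not guaranteed to be the object that gets opened. The check would only be binding if made on the vnode `vn_open` returns, e.g. a `VOP_GETATTR` on `nd.ni_vp` after the open and `if (vattr.va_uid != cred->cr_uid)` before anything is written. `vattr` and `cred` are already declared in the first hunk, though whether the code after this hunk already fetches attributes is not visible here. The pre-check also looks only at the owner, so at the same point it would be worth refusing anything that is not a singly linked regular file, `if (vattr.va_type != VREG || vattr.va_nlink > 1)`. The function starts and ends outside the hunk.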
--0OAP2g/MAC+5xKAE--