Re: git: Fix chdir/fchdir for setuid/setgid binaries

看板DFBSD_commit作者時間16年前 (2009/10/01 02:01), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串2/3 (看更多)
Simon Schubert wrote: > commit 609c6f34fef1b0942cfff9f26bc1844a4858ad7c > Author: Simon 'corecode' Schubert <corecode@fs.ei.tum.de> > Date: Wed Sep 30 17:02:24 2009 +0200 > > Fix chdir/fchdir for setuid/setgid binaries > > Access checks for a directory have to be done using the euid/egid, not > the ruid/rgid. There are certainly many more of these problems. We need to address those before we roll 2.4.1. I think we should audit all calls to VOP_ACCESS. Also, I suggest creating VOP_RACCESS, removing VOP_EACCESS and making the effective id check default in VOP_ACCESS, since most permission checks in the kernel refer to the effective ids, and only select ones deal with the real ids. cheers simon
更多 corecode. 的文章
文章代碼(AID): #1Amvpl-x (DFBSD_commit)
更多 corecode. 的文章
文章代碼(AID): #1Amvpl-x (DFBSD_commit)