From 90a83564dcb0a2cbd396793eaa0ce66b694f014f Mon Sep 17 00:00:00 2001 From: Simon Schubert Date: Tue, 29 Sep 2009 20:42:01 +0200 Subject: [PATCH] Fix exec from setuid/setgid binaries In the context of exec, we have to use the effective uid/gid to check whether the process has permissions to exec, not the ruid/rgid. --- sys/kern/kern_exec.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c index 1247efa54e..042171176f 100644 --- a/sys/kern/kern_exec.c +++ b/sys/kern/kern_exec.c @@ -999,7 +999,7 @@ exec_check_permissions(struct image_params *imgp) /* * Check for execute permission to file based on current credentials. */ - error = VOP_ACCESS(vp, VEXEC, p->p_ucred); + error = VOP_EACCESS(vp, VEXEC, p->p_ucred); if (error) return (error); -- 2.11.4.GIT