This saves one issetugid for every exec. Note there is another call coming from something deeper which probably cannot be easily taken care of in the same manner.
Details
- Reviewers
kib
Verified with debug printfs that trust is NOT set when running 'su' et al and is set otherwise.
Diff Detail
- Lint
Lint Skipped - Unit
Tests Skipped
Event Timeline
libexec/rtld-elf/rtld.c | ||
---|---|---|
454 | If you allocate one more flag in bsdflags. used to indicate support for BSDF_ISSETUGID, you do not need to rely on osreldate() which is better IMO. Check the new flag, and if set, ELF_BSDF_ISSETUGID presence is equal to trust. Also right now you rely on bsdflags presence, adding that flag would make zero initialization of bsdflags do the right thing. Another option is to allocate new auxv entry with the value indicating issetugid, but flags are fine since they are already there. | |
sys/kern/kern_prot.c | ||
1233 | != 0 |
sys/sys/elf_common.h | ||
---|---|---|
1461 | _VALID instead of _PASSED ? |
Upon further testing this is buggy - sometimes the passed down value disagrees with what the syscall returns later as setugid call on exec happens only after copyout.