Page MenuHomeFreeBSD

mdo(1): Use setcred() to change credentials
ClosedPublic

Authored by olce on Nov 15 2024, 5:08 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Dec 9, 1:35 PM
Unknown Object (File)
Wed, Dec 4, 8:27 AM
Unknown Object (File)
Fri, Nov 29, 11:05 PM
Unknown Object (File)
Fri, Nov 29, 3:13 PM
Unknown Object (File)
Mon, Nov 25, 9:22 AM
Unknown Object (File)
Mon, Nov 25, 2:42 AM
Unknown Object (File)
Nov 23 2024, 8:08 PM
Unknown Object (File)
Nov 23 2024, 6:11 AM

Details

Summary

This revision is part of a series. Click on the Stack tab below to see the context.
This series has also been squeezed into D47633 to provide an overall view.

Commit message:
As this is the only system call that MAC/do currently supports, and the
only one that really can be for transitions involving simultaneous
changes of user and group IDs.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

olce requested review of this revision.Nov 15 2024, 5:08 PM
brooks added inline comments.
usr.bin/mdo/mdo.c
31

Technically a C23 extension, but probably ok? Could explicitly set one member to stay C99 compatible.

Maybe better yet would be an initializer that sets everything to an invalid value (-1 or the like) so accidentally setting a uid or gid flag without setting the value doesn't lead to root.

This revision is now accepted and ready to land.Mon, Dec 2, 8:55 AM

Impacts of some setcred() changes.

This revision now requires review to proceed.Thu, Dec 5, 9:10 PM
This revision was not accepted when it landed; it landed in state Needs Review.Mon, Dec 16, 2:47 PM
This revision was automatically updated to reflect the committed changes.