git: 9deb5ca77beb - releng/13.2 - setusercontext(): Apply personal settings only on matching effective UID
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 14 Feb 2024 06:05:57 UTC
The branch releng/13.2 has been updated by gordon: URL: https://cgit.FreeBSD.org/src/commit/?id=9deb5ca77bebd98f6b9d1f5640546dc0a15a8deb commit 9deb5ca77bebd98f6b9d1f5640546dc0a15a8deb Author: Olivier Certner <olce@FreeBSD.org> AuthorDate: 2023-05-30 16:35:08 +0000 Commit: Gordon Tetlow <gordon@FreeBSD.org> CommitDate: 2024-02-14 05:36:19 +0000 setusercontext(): Apply personal settings only on matching effective UID Commit 35305a8dc114 (r211393) added a check on whether 'uid' was equal to getuid() before calling setlogincontext(). Doing so still allows a setuid program to apply resource limits and priorities specified in a user-controlled configuration file ('~/.login_conf') where a non-setuid program could not. Plug the hole by checking instead that the process' effective UID is the target one (which is likely what was meant in the initial commit). PR: 271750 Reviewed by: kib, des Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40351 Approved by: so Security: FreeBSD-EN-24:02.libutil (cherry picked from commit 892654fe9b5a9115815c30a423b8db47185aebbd) Approved by: markj (mentor) (cherry picked from commit 9fcf54d3750e379868e51e4aa7fbf696877ab2ed) --- lib/libutil/login_class.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/libutil/login_class.c b/lib/libutil/login_class.c index 38666bc8e3d3..3a4ef4ed6a55 100644 --- a/lib/libutil/login_class.c +++ b/lib/libutil/login_class.c @@ -548,7 +548,7 @@ setusercontext(login_cap_t *lc, const struct passwd *pwd, uid_t uid, unsigned in /* * Now, we repeat some of the above for the user's private entries */ - if (getuid() == uid && (lc = login_getuserclass(pwd)) != NULL) { + if (geteuid() == uid && (lc = login_getuserclass(pwd)) != NULL) { mymask = setlogincontext(lc, pwd, mymask, flags); login_close(lc); }