unp_connect() - Use euid/egid for access checks via VOP_EACCESS().
authorJoe Talbott <josepht@dragonflybsd.org>
Tue, 30 Nov 2010 02:03:20 +0000 (21:03 -0500)
committerJoe Talbott <josepht@dragonflybsd.org>
Tue, 30 Nov 2010 02:10:22 +0000 (21:10 -0500)
Fixes socket access for set[ug]id applications by using the euid/egid
rather than the uid/gid.

Reported-By: Tim Darby <t+dfbsd@timdarby.net>
sys/kern/uipc_usrreq.c

index 3421e0c..b3c9986 100644 (file)
@@ -868,7 +868,7 @@ unp_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
                error = ENOTSOCK;
                goto bad;
        }
-       error = VOP_ACCESS(vp, VWRITE, p->p_ucred);
+       error = VOP_EACCESS(vp, VWRITE, p->p_ucred);
        if (error)
                goto bad;
        so2 = vp->v_socket;