summaryrefslogtreecommitdiff
path: root/exec
diff options
context:
space:
mode:
authorMichael I. Bushnell <mib@gnu.org>1996-06-13 01:17:25 +0000
committerMichael I. Bushnell <mib@gnu.org>1996-06-13 01:17:25 +0000
commitceded8acfc919def2fe47fc54903bea5f337cfed (patch)
tree98160d670c6bd69cb76bf54f872726d69a012304 /exec
parente3ab1437d389995e035e32d00f770aa411ab668e (diff)
(do_exec): If secure, set the owner with proc_setowner.
Diffstat (limited to 'exec')
-rw-r--r--exec/exec.c25
1 files changed, 23 insertions, 2 deletions
diff --git a/exec/exec.c b/exec/exec.c
index 6297bf02..202f708f 100644
--- a/exec/exec.c
+++ b/exec/exec.c
@@ -1312,13 +1312,34 @@ do_exec (file_t file,
{
/* Ask the proc server for the proc port for this task. */
mach_port_t new;
+ uid_t euidbuf[10], egidbuf[10], auidbuf[10], agidbuf[10];
+ uid_t *euids, *egids, *auids, *agids;
+ size_t neuids, negids, nauids, nagids;
+ uid_t uid;
+
e.error = proc_task2proc (procserver, newtask, &new);
if (e.error)
goto stdout;
-
use (INIT_PORT_PROC, new, 0, 1);
- /* XXX We should also call proc_setowner at this point. */
+ if (secure)
+ {
+ /* Find out what our UID is from the auth server. */
+ neuids = negids = nauids = nagids = 10;
+ euids = euidbuf, egids = egidbuf;
+ auids = auidbuf, agids = agidbuf;
+ e.error = auth_getids (boot->portarray[INIT_PORT_AUTH],
+ &euids, &neuids, &auids, &nauids,
+ &egids, &negids, &agids, &nagids);
+ if (e.error)
+ goto stdout;
+
+ /* Set the owner with the proc server */
+ e.error = proc_setowner (boot->portarray[INIT_PORT_PROC],
+ neuids ? euids[0] : 0, !neuids);
+ if (e.error)
+ goto stdout;
+ }
}
else if (oldtask != newtask && oldtask != MACH_PORT_NULL
&& boot->portarray[INIT_PORT_PROC] != MACH_PORT_NULL)