CVS commit: src/sys

Tue, 29 Dec 2009 12:22:01 -0800 

Module Name:    src
Committed By:   elad
Date:           Tue Dec 29 20:21:46 UTC 2009

Modified Files:
        src/sys/arch/amiga/stand/bootblock/boot: Makefile
        src/sys/arch/amiga/stand/bootblock/bootxx_ffs: Makefile
        src/sys/arch/amiga/stand/bootblock/ppcboot: Makefile
        src/sys/arch/next68k/stand/boot: Makefile
        src/sys/lib/libsa: exec.c

Log Message:
Don't abuse INSECURE for allowing exec() to load files not owned by uid 0.

Adjust references where this has been used.


To generate a diff of this commit:
cvs rdiff -u -r1.40 -r1.41 src/sys/arch/amiga/stand/bootblock/boot/Makefile
cvs rdiff -u -r1.11 -r1.12 \
    src/sys/arch/amiga/stand/bootblock/bootxx_ffs/Makefile
cvs rdiff -u -r1.6 -r1.7 src/sys/arch/amiga/stand/bootblock/ppcboot/Makefile
cvs rdiff -u -r1.22 -r1.23 src/sys/arch/next68k/stand/boot/Makefile
cvs rdiff -u -r1.27 -r1.28 src/sys/lib/libsa/exec.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sys/arch/amiga/stand/bootblock/boot/Makefile
diff -u src/sys/arch/amiga/stand/bootblock/boot/Makefile:1.40 src/sys/arch/amiga/stand/bootblock/boot/Makefile:1.41
--- src/sys/arch/amiga/stand/bootblock/boot/Makefile:1.40	Sat Oct 17 11:18:17 2009
+++ src/sys/arch/amiga/stand/bootblock/boot/Makefile	Tue Dec 29 20:21:45 2009
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.40 2009/10/17 11:18:17 mlelstv Exp $
+#	$NetBSD: Makefile,v 1.41 2009/12/29 20:21:45 elad Exp $
 
 .include <bsd.sys.mk>		# for HOST_SH
 
@@ -48,8 +48,8 @@
 
 OBJS=	$(SOBJS) $(COBJS)
 
-#XX#DEFS = -D_STANDALONE -DINSECURE -DDYNAMIC_CRC_TABLE -DNOBYFOUR -UBYFOUR 
-DEFS = -D_STANDALONE -DINSECURE 
+#XX#DEFS = -D_STANDALONE -DSA_EXEC_ANYOWNER -DDYNAMIC_CRC_TABLE -DNOBYFOUR -UBYFOUR 
+DEFS = -D_STANDALONE -DSA_EXEC_ANYOWNER 
 DEFS += -D__INTERNAL_LIBSA_CREAD
 #DEFS += -DSERCONSOLE
 SOBJS += cread.o

Index: src/sys/arch/amiga/stand/bootblock/bootxx_ffs/Makefile
diff -u src/sys/arch/amiga/stand/bootblock/bootxx_ffs/Makefile:1.11 src/sys/arch/amiga/stand/bootblock/bootxx_ffs/Makefile:1.12
--- src/sys/arch/amiga/stand/bootblock/bootxx_ffs/Makefile:1.11	Mon Jan 12 07:42:30 2009
+++ src/sys/arch/amiga/stand/bootblock/bootxx_ffs/Makefile	Tue Dec 29 20:21:46 2009
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.11 2009/01/12 07:42:30 tsutsui Exp $
+#	$NetBSD: Makefile,v 1.12 2009/12/29 20:21:46 elad Exp $
 
 ### what we need:
 
@@ -33,7 +33,7 @@
 
 OBJS=	$(SOBJS) $(COBJS)
 
-DEFS = -D_STANDALONE -DINSECURE -D_PRIMARY_BOOT
+DEFS = -D_STANDALONE -DSA_EXEC_ANYOWNER -D_PRIMARY_BOOT
 
 .NOPATH: ${OBJS} x.out f.out libboot.a xxstart.o
 

Index: src/sys/arch/amiga/stand/bootblock/ppcboot/Makefile
diff -u src/sys/arch/amiga/stand/bootblock/ppcboot/Makefile:1.6 src/sys/arch/amiga/stand/bootblock/ppcboot/Makefile:1.7
--- src/sys/arch/amiga/stand/bootblock/ppcboot/Makefile:1.6	Sun Oct 19 22:05:21 2008
+++ src/sys/arch/amiga/stand/bootblock/ppcboot/Makefile	Tue Dec 29 20:21:46 2009
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.6 2008/10/19 22:05:21 apb Exp $
+#	$NetBSD: Makefile,v 1.7 2009/12/29 20:21:46 elad Exp $
 
 ### what we need:
 
@@ -28,7 +28,7 @@
 
 OBJS=	$(SOBJS) $(COBJS)
 
-DEFS = -DPPCBOOTER -D_STANDALONE -DINSECURE -DDEBUG_MEMORY_LIST
+DEFS = -DPPCBOOTER -D_STANDALONE -DSA_EXEC_ANYOWNER -DDEBUG_MEMORY_LIST
 
 ### main target: ###
 

Index: src/sys/arch/next68k/stand/boot/Makefile
diff -u src/sys/arch/next68k/stand/boot/Makefile:1.22 src/sys/arch/next68k/stand/boot/Makefile:1.23
--- src/sys/arch/next68k/stand/boot/Makefile:1.22	Mon Jan 12 07:47:47 2009
+++ src/sys/arch/next68k/stand/boot/Makefile	Tue Dec 29 20:21:46 2009
@@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.22 2009/01/12 07:47:47 tsutsui Exp $
+#	$NetBSD: Makefile,v 1.23 2009/12/29 20:21:46 elad Exp $
 
 NOMAN=	# defined
 
@@ -25,7 +25,7 @@
 # XXX make defs arch-indep.
 INCLUDES+=	-I${.OBJDIR} -I${S}/arch -I${S} -I${S}/lib/libsa 
 DEFS+=		-D_STANDALONE -DMC68040 -DSUPPORT_BOOTP -DSUPPORT_DHCP  -DDEBUG -DSD_DEBUG -DSCSI_DEBUG # -DEN_DEBUG   -DNETIF_DEBUG  
-SAMISCCPPFLAGS=	-DSUPPORT_DHCP -DSUPPORT_BOOTP -DINSECURE # -DBOOTP_DEBUG -DETHER_DEBUG -DNET_DEBUG # -DNETIF_DEBUG -DNFS_DEBUG  -DARP_DEBUG 
+SAMISCCPPFLAGS=	-DSUPPORT_DHCP -DSUPPORT_BOOTP -DSA_EXEC_ANYOWNER # -DBOOTP_DEBUG -DETHER_DEBUG -DNET_DEBUG # -DNETIF_DEBUG -DNFS_DEBUG  -DARP_DEBUG 
 WARNS=1
 CFLAGS+=	 -ffreestanding -nostdinc ${INCLUDES} ${DEFS}
 CFLAGS+=	-Wall -Wmissing-prototypes -Wstrict-prototypes -Wpointer-arith

Index: src/sys/lib/libsa/exec.c
diff -u src/sys/lib/libsa/exec.c:1.27 src/sys/lib/libsa/exec.c:1.28
--- src/sys/lib/libsa/exec.c:1.27	Sun Aug 16 13:26:16 2009
+++ src/sys/lib/libsa/exec.c	Tue Dec 29 20:21:46 2009
@@ -1,4 +1,4 @@
-/*	$NetBSD: exec.c,v 1.27 2009/08/16 13:26:16 matt Exp $	*/
+/*	$NetBSD: exec.c,v 1.28 2009/12/29 20:21:46 elad Exp $	*/
 
 /*-
  * Copyright (c) 1982, 1986, 1990, 1993
@@ -29,13 +29,9 @@
  * SUCH DAMAGE.
  */
 
-#ifdef _KERNEL_OPT
-#include "opt_insecure.h"
-#endif
-
 #include <sys/param.h>
 #include <sys/reboot.h>
-#ifndef INSECURE
+#ifndef SA_EXEC_ANYOWNER
 #include <sys/stat.h>
 #endif
 #include <sys/exec_aout.h>
@@ -50,7 +46,7 @@
 void
 exec(char *path, char *loadaddr, int howto)
 {
-#ifndef INSECURE
+#ifndef SA_EXEC_ANYOWNER
 	struct stat sb;
 #endif
 	struct exec x;
@@ -61,7 +57,7 @@
 	if (io < 0)
 		return;
 
-#ifndef INSECURE
+#ifndef SA_EXEC_ANYOWNER
 	(void) fstat(io, &sb);
 	if (sb.st_uid || (sb.st_mode & 2)) {
 		printf("non-secure file, will not load\n");

Reply via email to