mirror of https://git.FreeBSD.org/src.git synced 2024-12-05 09:14:03 +00:00

o Add a comment to p_candebug() noting that the P_INEXEC check should

really be moved elsewhere: p_candebug() encapsulates the security
  policy decision, whereas the P_INEXEC check has to do with "correctness"
  regarding race conditions, rather than security policy.

  Example: even if no security protections were enforced (the "uids are
  advisory" model), removing P_INEXEC could result in incorrect operation
  due to races on credential evaluation and modification during execve().

Obtained from:	TrustedBSD Project
Robert Watson 2001-11-02 16:41:06 +00:00
parent 06a9ff8e81
commit 5fab7614f4
Notes: svn2git 2020-12-20 02:59:44 +00:00
svn path=/head/; revision=85880


@ -1569,7 +1569,12 @@ p_candebug(struct proc *p1, struct proc *p2)
return (error); return (error);
} }
/* can't trace a process that's currently exec'ing */ /*
* Can't trace a process that's currently exec'ing.
* XXX: Note, this is not a security policy decision, it's a
* basic correctness/functionality decision. Therefore, this check
* should be moved to the caller's of p_candebug().
*/
if ((p2->p_flag & P_INEXEC) != 0) if ((p2->p_flag & P_INEXEC) != 0)
return (EAGAIN); return (EAGAIN);
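Review bot: The new comment above the P_INEXEC test in p_candebug() calls the check a correctness matter but omits the reason, which only the commit message gives: races on credential evaluation and modification during execve(). Because the XXX invites a later move of the check into the callers, I would add that reason to the comment, for example `* Dropping it would allow races on credential evaluation and modification during execve().`, so that "not a security policy decision" is not read as "safe to remove". The last sentence should also read `should be moved to the callers of p_candebug().` rather than `caller's`. Whether each caller could perform the test under the same locking as p_candebug() cannot be judged from here, since the function body starts and ends outside the hunk.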