stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge

Browse Source
This commit is contained in:
Jon Masamitsu 2014-07-31 16:39:57 -07:00
commit e9553ff4bf
1 changed files with 14 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
hotspot/src/os/solaris/vm/attachListener_solaris.cpp
View File

@ -199,23 +199,29 @@ class ArgumentIterator : public StackObj {
// Calls from the door function to check that the client credentials // Calls from the door function to check that the client credentials
// match this process. Returns 0 if credentials okay, otherwise -1. // match this process. Returns 0 if credentials okay, otherwise -1.
static int check_credentials() { static int check_credentials() {
door_cred_t cred_info; ucred_t *cred_info = NULL;
int ret = -1; // deny by default
// get client credentials // get client credentials
if (door_cred(&cred_info) == -1) { if (door_ucred(&cred_info) == -1) {
return -1; // unable to get them return -1; // unable to get them, deny
} }
// get our euid/eguid (probably could cache these) // get our euid/eguid (probably could cache these)
uid_t euid = geteuid(); uid_t euid = geteuid();
gid_t egid = getegid(); gid_t egid = getegid();
// check that the effective uid/gid matches - discuss this with Jeff. // get euid/egid from ucred_free
if (cred_info.dc_euid == euid && cred_info.dc_egid == egid) { uid_t ucred_euid = ucred_geteuid(cred_info);
return 0; // okay gid_t ucred_egid = ucred_getegid(cred_info);
} else {
return -1; // denied // check that the effective uid/gid matches
if (ucred_euid == euid && ucred_egid == egid) {
ret = 0; // allow
} }
ucred_free(cred_info);
return ret;
} }