mirror of
https://github.com/opnsense/src.git
synced 2026-02-18 18:20:26 -05:00
7b20967a1a
This fixes several bugs where some 'struct ucred' in the kernel, constructed from user input (via nmount(2)) or obtained from other servers (e.g., gssd(8)), could have an unfilled 'cr_groups' field and whose 'cr_groups[0]' (or 'cr_gid', which is an alias) was later accessed, causing an uninitialized access giving random access rights. Use crsetgroups_fallback() to enforce a fallback group when possible. For NFS, the chosen fallback group is that of the NFS server in the current VNET (NFSD_VNET(nfsrv_defaultgid)). There does not seem to be any sensible fallback available in rpc code (sys/rpc/svc_auth.c, svc_getcred()) on AUTH_UNIX (TLS or not), so just fail credential retrieval there. Stock NSS sources, rpc.tlsservd(8) or rpc.tlsclntd(8) provide non-empty group lists, so will not be impacted. Discussed with: rmacklem (by mail) Approved by: markj (mentor) MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D46918 (cherry picked from commit cfbe7a62dc62e8a5d7520cb5eb8ad7c4a9418e26) Approved by: markj (mentor) |
||
|---|---|---|
| .. | ||
| rpcsec_gss | ||
| rpcsec_tls | ||
| auth.h | ||
| auth_none.c | ||
| auth_unix.c | ||
| authunix_prot.c | ||
| clnt.h | ||
| clnt_bck.c | ||
| clnt_dg.c | ||
| clnt_rc.c | ||
| clnt_stat.h | ||
| clnt_vc.c | ||
| getnetconfig.c | ||
| krpc.h | ||
| netconfig.h | ||
| nettype.h | ||
| pmap_prot.h | ||
| replay.c | ||
| replay.h | ||
| rpc.h | ||
| rpc_callmsg.c | ||
| rpc_com.h | ||
| rpc_generic.c | ||
| rpc_msg.h | ||
| rpc_prot.c | ||
| rpcb_clnt.c | ||
| rpcb_clnt.h | ||
| rpcb_prot.c | ||
| rpcb_prot.h | ||
| rpcm_subs.h | ||
| rpcsec_gss.h | ||
| rpcsec_tls.h | ||
| svc.c | ||
| svc.h | ||
| svc_auth.c | ||
| svc_auth.h | ||
| svc_auth_unix.c | ||
| svc_dg.c | ||
| svc_generic.c | ||
| svc_vc.c | ||
| types.h | ||
| xdr.h | ||