mirror of
https://git.freebsd.org/src.git
synced 2026-01-16 23:02:24 +00:00
5138a20765
tftpd seems to be the last program in base that implicitly relies on setgroups() to set the egid. This is a security landmine in portable software as most operating systems don't behave this way, so do an explicit setgid() in case the kernel doesn't set it already. While we're here, FreeBSD's setgroups() has supported nominally clearing all supplemental groups since 1997. It still leaves the egid in our cr_groups[0] because we don't have an out-of-band way to store the egid, and on other systems it'll clear the supplemental group entirely as one would want. Reviewed by: allanjude (previous version), des, olce Differential Revision: https://reviews.freebsd.org/D51149 |
||
|---|---|---|
| .. | ||
| tests | ||
| Makefile | ||
| Makefile.depend | ||
| Makefile.depend.options | ||
| tftp-file.c | ||
| tftp-file.h | ||
| tftp-io.c | ||
| tftp-io.h | ||
| tftp-options.c | ||
| tftp-options.h | ||
| tftp-transfer.c | ||
| tftp-transfer.h | ||
| tftp-utils.c | ||
| tftp-utils.h | ||
| tftpd.8 | ||
| tftpd.c | ||