Path: utzoo!attcan!uunet!lll-winken!lll-tis!helios.ee.lbl.gov!pasteur!agate!labrea!rutgers!mailrus!uflorida!haven!mimsy!chris
From: chris@mimsy.UUCP (Chris Torek)
Newsgroups: comp.bugs.4bsd
Subject: TIOCSPGRP security checks are insufficient
Message-ID: <14416@mimsy.UUCP>
Date: 8 Nov 88 05:00:37 GMT
Reply-To: chris@mimsy.umd.edu (Chris Torek)
Organization: University of Maryland, Dept. of Computer Sci.
Lines: 32

Index: /sys/sys/tty.c 4.3BSD,4.3BSD-tahoe Fix

Description:
	The security checking in TIOCSPGRP is insufficient to do
	what it was designed to do (which is not really all that
	much anyway).

Repeat-by:
	Examination.

Fix:

RCS file: RCS/tty.c,v
retrieving revision 1.11
diff -c2 -r1.11 tty.c
*** /tmp/,RCSt1007903	Mon Nov  7 23:52:18 1988
--- tty.c	Mon Nov  7 23:52:03 1988
***************
*** 487,491 ****
  	case TIOCSPGRP: {
  		struct proc *p;
! 		int pgrp = *(int *)data;
  
  		if (u.u_uid && (flag & FREAD) == 0)
--- 487,491 ----
  	case TIOCSPGRP: {
  		struct proc *p;
! 		short pgrp = *(int *)data;
  
  		if (u.u_uid && (flag & FREAD) == 0)
-- 
In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 7163)
Domain:	chris@mimsy.umd.edu	Path:	uunet!mimsy!chris