OpenJDK / jdk / jdk10
changeset 25894:664ddf8330d4
Merge
| author | jmasa |
|---|---|
| date | Thu, 31 Jul 2014 16:39:57 -0700 |
| parents | b4141bec6a67 96f35069b4f5 |
| children | a1c97825878e 5e787e56e566 7fdd555fd532 |
| files | |
| diffstat | 1 files changed, 14 insertions(+), 8 deletions(-) [+] |
line wrap: on
line diff
--- a/hotspot/src/os/solaris/vm/attachListener_solaris.cpp Tue Jul 29 10:26:09 2014 +0200 +++ b/hotspot/src/os/solaris/vm/attachListener_solaris.cpp Thu Jul 31 16:39:57 2014 -0700 @@ -199,23 +199,29 @@ // Calls from the door function to check that the client credentials // match this process. Returns 0 if credentials okay, otherwise -1. static int check_credentials() { - door_cred_t cred_info; + ucred_t *cred_info = NULL; + int ret = -1; // deny by default // get client credentials - if (door_cred(&cred_info) == -1) { - return -1; // unable to get them + if (door_ucred(&cred_info) == -1) { + return -1; // unable to get them, deny } // get our euid/eguid (probably could cache these) uid_t euid = geteuid(); gid_t egid = getegid(); - // check that the effective uid/gid matches - discuss this with Jeff. - if (cred_info.dc_euid == euid && cred_info.dc_egid == egid) { - return 0; // okay - } else { - return -1; // denied + // get euid/egid from ucred_free + uid_t ucred_euid = ucred_geteuid(cred_info); + gid_t ucred_egid = ucred_getegid(cred_info); + + // check that the effective uid/gid matches + if (ucred_euid == euid && ucred_egid == egid) { + ret = 0; // allow } + + ucred_free(cred_info); + return ret; }