vasilito
7edce33927
- Fix login prompt: 'RedBear login:' → 'Red Bear login:' (consistent branding) - exec-root-bypass: check both ruid and euid for root bypass (Linux checks effective UID) - netdb-retry: remove dead variables, check send() return on retry, clarify timeout comment
39 lines
1.3 KiB
Diff
39 lines
1.3 KiB
Diff
diff --git a/src/platform/redox/exec.rs b/src/platform/redox/exec.rs
|
|
index 3590413c..1b4b96bb 100644
|
|
--- a/src/platform/redox/exec.rs
|
|
+++ b/src/platform/redox/exec.rs
|
|
@@ -127,18 +127,22 @@ pub fn execve(
|
|
// TODO: At some point we might have capabilities limiting the ability to allocate
|
|
// executable memory.
|
|
|
|
- let Resugid { ruid, rgid, .. } = redox_rt::sys::posix_getresugid();
|
|
-
|
|
- let mode = if ruid == stat.st_uid {
|
|
- (stat.st_mode >> 3 * 2) & 0o7
|
|
- } else if rgid == stat.st_gid {
|
|
- (stat.st_mode >> 3 * 1) & 0o7
|
|
- } else {
|
|
- stat.st_mode & 0o7
|
|
- };
|
|
+ let Resugid { ruid, euid, rgid, .. } = redox_rt::sys::posix_getresugid();
|
|
+
|
|
+ // Root (uid 0) bypasses execute permission checks, matching Linux behavior.
|
|
+ // Check both ruid and euid since Linux checks the effective UID.
|
|
+ if ruid != 0 && euid != 0 {
|
|
+ let mode = if ruid == stat.st_uid {
|
|
+ (stat.st_mode >> 3 * 2) & 0o7
|
|
+ } else if rgid == stat.st_gid {
|
|
+ (stat.st_mode >> 3 * 1) & 0o7
|
|
+ } else {
|
|
+ stat.st_mode & 0o7
|
|
+ };
|
|
|
|
- if mode & 0o1 == 0o0 {
|
|
- return Err(Error::new(EPERM));
|
|
+ if mode & 0o1 == 0o0 {
|
|
+ return Err(Error::new(EACCES));
|
|
+ }
|
|
}
|
|
|
|
let cwd: Box<[u8]> = super::path::clone_cwd().unwrap_or_default().into();
|