CVSROOT: /cvs Module name: src Changes by: [email protected] 2015/02/06 02:16:06
Modified files:
sbin/dhclient : dhclient.c privsep.c privsep.h
Log message:
The write_file() privsep interface was too permissive and
theoretically allowed the unprivileged child process to write to
arbitrary files. Restrict it by replacing it with two specific
write_resolv_conf() and write_option_db() privsep interfaces where all
the critical decision has been moved to the parent.
OK krw@
