diff options
Diffstat (limited to 'Base/usr/share/man/man7')
| -rw-r--r-- | Base/usr/share/man/man7/Mitigations.md | 2 | ||||
| -rw-r--r-- | Base/usr/share/man/man7/Shell-vars.md | 2 | ||||
| -rw-r--r-- | Base/usr/share/man/man7/setuid_overview.md | 2 |
3 files changed, 3 insertions, 3 deletions
diff --git a/Base/usr/share/man/man7/Mitigations.md b/Base/usr/share/man/man7/Mitigations.md index 966fe9a982..e4bb883abe 100644 --- a/Base/usr/share/man/man7/Mitigations.md +++ b/Base/usr/share/man/man7/Mitigations.md @@ -132,7 +132,7 @@ Kernel: KUBSAN! (Kernel Undefined Behavior SANitizer) :^) ### Kernel unmap-after-init -Umap-after-init allows the kernel to remove functions which contain potentially +Unmap-after-init allows the kernel to remove functions which contain potentially dangerous [ROP gadgets](https://en.wikipedia.org/wiki/Return-oriented_programming) from kernel memory after we've booted up and they are no longer needed. Notably the `write_cr4(..)` function used to control processor features like the SMEP/SMAP bits diff --git a/Base/usr/share/man/man7/Shell-vars.md b/Base/usr/share/man/man7/Shell-vars.md index 82e4153edf..2666621ec6 100644 --- a/Base/usr/share/man/man7/Shell-vars.md +++ b/Base/usr/share/man/man7/Shell-vars.md @@ -4,7 +4,7 @@ Shell Variables - Special local and environment variables used by the Shell ## Description -The Shell uses various variables to allow for customisations of certain behavioral or visual things. +The Shell uses various variables to allow for customizations of certain behavioral or visual things. Such variables can be changed or set by the user to tweak how the shell presents things. ## Behavioral diff --git a/Base/usr/share/man/man7/setuid_overview.md b/Base/usr/share/man/man7/setuid_overview.md index aa7829598a..9866780159 100644 --- a/Base/usr/share/man/man7/setuid_overview.md +++ b/Base/usr/share/man/man7/setuid_overview.md @@ -22,7 +22,7 @@ Since SUID binaries are able to bypass access checks, only carefully selected bi In some instances, it is useful for a SUID binary to either temporarily or permanently drop its permissions and set the effective user ID to the real user ID. -To make this possible, each process has *three* user (and group) IDs: The (real) user ID, the *effective* user ID, and the *saved* user ID. When a process executes a normal binary, all three IDs are set to the parent process's user ID. However, when a process executes a SUID binary, the process runs with the paren process's ID as its real ID, but it takes its effective ID and saved ID from the binary. (Analogously for the group ID for SGID binaries.) +To make this possible, each process has *three* user (and group) IDs: The (real) user ID, the *effective* user ID, and the *saved* user ID. When a process executes a normal binary, all three IDs are set to the parent process's user ID. However, when a process executes a SUID binary, the process runs with the parent process's ID as its real ID, but it takes its effective ID and saved ID from the binary. (Analogously for the group ID for SGID binaries.) The function [`setresuid`(2)](../man2/getresuid.md) can change the real, effective, and saved user ID of a process -- but for non-root processes it is only valid to set each new ID to the current value of real, effective, or saved user ID. Since SUID binaries start with the binary's owner as effective and saved user ID and with the current user's ID as real user ID, this allows switching the effective user ID between the SUID owner's ID and the current user's ID. |