On Tue, 21 Dec 1999, Steve Reid wrote: >Wmmon is a popular program for monitoring CPU load and other system >utilization. It runs as a dockapp under WindowMaker. > >The FreeBSD version of this program has a feature that can be trivially >exploited to gain group kmem in recent installs, or user root in really >old installs. This affects the FreeBSD version because under FreeBSD the >program must be installed setgid kmem or setuid root in order to access >system load information through the memory devices. The Linux version >should not be vulnerable because it reads information through procfs >which requires no special privileges. > <snip> An alternative solution would be to read such information from kernfs, usually (although optionally) mounted at /kern. kernfs is the *bsd equivalent to many of the files in linux's /proc. This would, of course, require the app to be rewritten to use /kern instead of /dev/kmem, but well worth it in my opinion. I should like to know why more apps don't require the *bsd {proc,kern}fs interface. They were, after all, designed to reduce the need for read access to /dev/kmem. .a.j.a.x. @ vxgas.linworth.org "You can run Java applets from anyone, anywhere, in complete safety" - Charles L. Perkins, "Teach Yourself Java in 21 Days" 3:24PM up 83 days, 8:26, 1 user, load averages: 0.09, 0.10, 0.08
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:22:27 PDT