On Tue, 21 Dec 1999, Steve Reid wrote:
>Wmmon is a popular program for monitoring CPU load and other system
>utilization. It runs as a dockapp under WindowMaker.
>
>The FreeBSD version of this program has a feature that can be trivially
>exploited to gain group kmem in recent installs, or user root in really
>old installs. This affects the FreeBSD version because under FreeBSD the
>program must be installed setgid kmem or setuid root in order to access
>system load information through the memory devices. The Linux version
>should not be vulnerable because it reads information through procfs
>which requires no special privileges.
> <snip>
An alternative solution would be to read such information from kernfs,
usually (although optionally) mounted at /kern. kernfs is the *bsd
equivalent to many of the files in linux's /proc. This would, of
course, require the app to be rewritten to use /kern instead of
/dev/kmem, but well worth it in my opinion.
I should like to know why more apps don't require the *bsd {proc,kern}fs
interface. They were, after all, designed to reduce the need for read
access to /dev/kmem.
.a.j.a.x. @ vxgas.linworth.org
"You can run Java applets from anyone, anywhere, in complete safety"
- Charles L. Perkins, "Teach Yourself Java in 21 Days"
3:24PM up 83 days, 8:26, 1 user, load averages: 0.09, 0.10, 0.08
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:22:27 PDT