Re: ps under FreeBSD

From: Crist J. Clark (crist.clarkat_private)
Date: Mon May 20 2002 - 00:48:51 PDT

Next message: Idan l.: "Re: ps under FreeBSD"

Previous message: Karma: "saving .asx target file"
In reply to: Guillaume PELAT: "Re: ps under FreeBSD"
Next in thread: Crist J. Clark: "Re: ps under FreeBSD"
Reply: Crist J. Clark: "Re: ps under FreeBSD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, May 19, 2002 at 11:53:07AM +0200, Guillaume PELAT wrote:
> On Saturday 18 May 2002 18:57, Jakub Filonik wrote:
> > Hi,
> > I was playing with ps on FreeBSD with kern.ps_showallprocs=0 and I was
> > surprised when I have seen that I may see info about running process, if I
> > know it's ID
> 
> After some investigation, the problem seems to be in sysctl_kern_proc
> function in /sys/kern/kern_proc.c
> 
> The following patch seems to fix the problem(for freebsd 4.5):
> 
> diff -dru sys/kern/kern_proc.c sys.new/kern/kern_proc.c
> --- sys/kern/kern_proc.c	Tue May  1 15:39:06 2001
> +++ sys.new/kern/kern_proc.c	Sat May 18 15:27:57 2002
> @@ -453,6 +453,8 @@
>  			return (0);
>  		if (!PRISON_CHECK(curproc, p))
>  			return (0);
> +		if ((!ps_showallprocs) && p_trespass(curproc, p))
> +			return (0);
>  		error = sysctl_out_proc(p, req, 0);
>  		return (error);
>  	}

*GACK!!!*

No, no. You just made it possible for a jailed process to see
processes outside of the jail(8). ITYM,

Index: src/sys/kern/kern_proc.c
===================================================================
RCS file: /export/freebsd/ncvs/src/sys/kern/kern_proc.c,v
retrieving revision 1.63.2.8
diff -u -r1.63.2.8 kern_proc.c
--- src/sys/kern/kern_proc.c	1 May 2001 13:39:06 -0000	1.63.2.8
+++ src/sys/kern/kern_proc.c	20 May 2002 07:36:15 -0000
@@ -451,7 +451,8 @@
 		p = pfind((pid_t)name[0]);
 		if (!p)
 			return (0);
-		if (!PRISON_CHECK(curproc, p))
+		if (!PRISON_CHECK(curproc, p) || 
+		    (!ps_showallprocs) && p_trespass(curproc, p))
 			return (0);
 		error = sysctl_out_proc(p, req, 0);
 		return (error);

-- 
Crist J. Clark                     |     cjclarkat_private
                                   |     cjclarkat_private
http://people.freebsd.org/~cjc/    |     cjcat_private

Next message: Idan l.: "Re: ps under FreeBSD"
Previous message: Karma: "saving .asx target file"
In reply to: Guillaume PELAT: "Re: ps under FreeBSD"
Next in thread: Crist J. Clark: "Re: ps under FreeBSD"
Reply: Crist J. Clark: "Re: ps under FreeBSD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon May 20 2002 - 10:06:49 PDT