Vulnerability Development mailing list archives
Re: ps under FreeBSD
From: "Crist J. Clark" <crist.clark () attbi com>
Date: Mon, 20 May 2002 00:48:51 -0700
On Sun, May 19, 2002 at 11:53:07AM +0200, Guillaume PELAT wrote:
On Saturday 18 May 2002 18:57, Jakub Filonik wrote:Hi, I was playing with ps on FreeBSD with kern.ps_showallprocs=0 and I was surprised when I have seen that I may see info about running process, if I know it's IDAfter some investigation, the problem seems to be in sysctl_kern_proc function in /sys/kern/kern_proc.c The following patch seems to fix the problem(for freebsd 4.5): diff -dru sys/kern/kern_proc.c sys.new/kern/kern_proc.c --- sys/kern/kern_proc.c Tue May 1 15:39:06 2001 +++ sys.new/kern/kern_proc.c Sat May 18 15:27:57 2002 @@ -453,6 +453,8 @@ return (0); if (!PRISON_CHECK(curproc, p)) return (0); + if ((!ps_showallprocs) && p_trespass(curproc, p)) + return (0); error = sysctl_out_proc(p, req, 0); return (error); }
*GACK!!!* No, no. You just made it possible for a jailed process to see processes outside of the jail(8). ITYM, Index: src/sys/kern/kern_proc.c =================================================================== RCS file: /export/freebsd/ncvs/src/sys/kern/kern_proc.c,v retrieving revision 1.63.2.8 diff -u -r1.63.2.8 kern_proc.c --- src/sys/kern/kern_proc.c 1 May 2001 13:39:06 -0000 1.63.2.8 +++ src/sys/kern/kern_proc.c 20 May 2002 07:36:15 -0000 @@ -451,7 +451,8 @@ p = pfind((pid_t)name[0]); if (!p) return (0); - if (!PRISON_CHECK(curproc, p)) + if (!PRISON_CHECK(curproc, p) || + (!ps_showallprocs) && p_trespass(curproc, p)) return (0); error = sysctl_out_proc(p, req, 0); return (error); -- Crist J. Clark | cjclark () alum mit edu | cjclark () jhu edu http://people.freebsd.org/~cjc/ | cjc () freebsd org
Current thread:
- ps under FreeBSD Jakub Filonik (May 18)
- #2 ps under FreeBSD Jakub Filonik (May 18)
- Re: ps under FreeBSD Andrew Turner (May 19)
- Re: ps under FreeBSD J. Mallett (May 19)
- Re: ps under FreeBSD Idan l. (May 20)
- Re: ps under FreeBSD Guillaume PELAT (May 19)
- Re: ps under FreeBSD Crist J. Clark (May 20)
- Re: ps under FreeBSD Crist J. Clark (May 20)
- Re: ps under FreeBSD Crist J. Clark (May 20)