Vulnerability Development mailing list archives

Re: ps under FreeBSD


From: "Crist J. Clark" <crist.clark () attbi com>
Date: Mon, 20 May 2002 11:06:12 -0700

On Mon, May 20, 2002 at 12:48:51AM -0700, Crist J. Clark wrote:
On Sun, May 19, 2002 at 11:53:07AM +0200, Guillaume PELAT wrote:
On Saturday 18 May 2002 18:57, Jakub Filonik wrote:
Hi,
I was playing with ps on FreeBSD with kern.ps_showallprocs=0 and I was
surprised when I saw that I can see info about a running process if I
know its ID

After some investigation, the problem seems to be in the sysctl_kern_proc
function in /sys/kern/kern_proc.c

The following patch seems to fix the problem (for FreeBSD 4.5):

diff -dru sys/kern/kern_proc.c sys.new/kern/kern_proc.c
--- sys/kern/kern_proc.c    Tue May  1 15:39:06 2001
+++ sys.new/kern/kern_proc.c        Sat May 18 15:27:57 2002
@@ -453,6 +453,8 @@
                    return (0);
            if (!PRISON_CHECK(curproc, p))
                    return (0);
+           if ((!ps_showallprocs) && p_trespass(curproc, p))
+                   return (0);
            error = sysctl_out_proc(p, req, 0);
            return (error);
    }
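Review bot: the two added lines carry no comment saying why a by-PID lookup is now gated on ps_showallprocs, and they return 0 with no output just like the PRISON_CHECK branch directly above, so a reader cannot tell the two denials apart without knowing the sysctl. A one-line comment above the new `if` (for example, that it hides other users' processes when ps_showallprocs is 0) would help. Keeping the new test after PRISON_CHECK, as done here, is right: the jail check still runs regardless of the ps_showallprocs value.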

*GACK!!!*

No, no. You just made it possible for a jailed process to see
processes outside of the jail(8).

Duh. Obviously, I misread the patch as,

diff -dru sys/kern/kern_proc.c sys.new/kern/kern_proc.c
--- sys/kern/kern_proc.c    Tue May  1 15:39:06 2001
+++ sys.new/kern/kern_proc.c        Sat May 18 15:27:57 2002
@@ -453,6 +453,8 @@
                    return (0);
-           if (!PRISON_CHECK(curproc, p))
-                   return (0);
+           if ((!ps_showallprocs) && p_trespass(curproc, p))
+                   return (0);
            error = sysctl_out_proc(p, req, 0);
            return (error);
    }
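Review bot: the `-` lines in this variant drop the `if (!PRISON_CHECK(curproc, p))` test, so once ps_showallprocs is nonzero the `&&` short-circuits and nothing in the visible lines stops the lookup from reaching sysctl_out_proc across a jail boundary. The new condition should be added alongside the jail check, not in place of it. The header also does not fit this body: `-453,6 +453,8` describes two net added lines, while removing two and adding two would leave the new side at 6.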

It doesn't break anything w.r.t. jail(8). Sorry about that.
-- 
Crist J. Clark                     |     cjclark () alum mit edu
                                   |     cjclark () jhu edu
http://people.freebsd.org/~cjc/    |     cjc () freebsd org
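
Added example (not part of the original message and not FreeBSD source): a small C model of the check order discussed in this thread, comparing the unpatched lookup, the posted patch, and the misread variant that drops the jail check. The structures, the `prison_check` and `trespass` helpers and the sample processes are simplified assumptions, not the kernel's real definitions.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified stand-in for a process; not the kernel's struct proc. */
struct proc_model {
    int uid;   /* effective uid */
    int jail;  /* 0 = not jailed, otherwise a jail id */
};

/* Assumed PRISON_CHECK semantics: true when jails do not hide p from cur. */
static bool prison_check(const struct proc_model *cur, const struct proc_model *p)
{
    return cur->jail == 0 || cur->jail == p->jail;
}

/* Assumed p_trespass semantics, reduced to uids: nonzero means denied. */
static int trespass(const struct proc_model *cur, const struct proc_model *p)
{
    return (cur->uid == 0 || cur->uid == p->uid) ? 0 : 1;
}

enum variant { UNPATCHED, POSTED_PATCH, MISREAD_PATCH };

/* Constructed sample processes. */
static const struct proc_model user_a      = { 1001, 0 };
static const struct proc_model user_b      = { 1002, 0 };
static const struct proc_model jailed_root = { 0, 1 };

/* True if the by-PID lookup would hand process info to the caller. */
bool pid_lookup_visible(enum variant v, int ps_showallprocs,
                        const struct proc_model *cur, const struct proc_model *p)
{
    if (v != MISREAD_PATCH && !prison_check(cur, p))
        return false;               /* jail check, absent in the misread variant */
    if (v != UNPATCHED && !ps_showallprocs && trespass(cur, p))
        return false;               /* check added by the patch */
    return true;
}

int main(void)
{
    static const char *names[] = { "unpatched", "posted patch", "misread patch" };
    for (int v = UNPATCHED; v <= MISREAD_PATCH; v++)
        printf("%-13s other-uid,showall=0: %d  jailed,showall=1: %d\n", names[v],
               pid_lookup_visible(v, 0, &user_a, &user_b),
               pid_lookup_visible(v, 1, &jailed_root, &user_b));
    return 0;
}
```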

