Drop privileges if not using standard namelist or kernel file.

Submitted by: smpatel (Sujal Patel)
svn path=/head/; revision=15993
1996-05-30 02:20:10 +00:00 · 1996-05-30 02:20:10 +00:00 · 66e5b18f29 · 2020-12-20 02:59:44 +00:00
commit 66e5b18f29
parent 5110a08c3c
2 changed files with 15 additions and 1 deletions
--- a/usr.bin/w/w.c
+++ b/usr.bin/w/w.c
@ -179,6 +179,13 @@ main(argc, argv)
 	_res.retrans = 2;	/* resolver timeout to 2 seconds per try */
 	_res.retry = 1;		/* only try once.. */

+	/*
+	 * Discard setgid privileges if not the running kernel so that bad
+	 * guys can't print interesting stuff from kernel memory.
+	 */
+	if (nlistf != NULL || memf != NULL)
+		setgid(getgid());
+
 	if ((kd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, errbuf)) == NULL)
 		errx(1, "%s", errbuf);

--- a/usr.sbin/slstat/slstat.c
+++ b/usr.sbin/slstat/slstat.c
@ -22,7 +22,7 @@
 */

 #ifndef lint
-static char rcsid[] = "$Id: slstat.c,v 1.3 1994/11/19 13:57:21 jkh Exp $";
+static char rcsid[] = "$Id: slstat.c,v 1.4 1995/05/30 03:52:30 rgrimes Exp $";
 #endif

 #include <stdio.h>
@ -132,6 +132,13 @@ main(argc, argv)
 			kflag++;
 		}
 	}
+	/*
+	 * Discard setgid privileges if not the running kernel so that bad
+	 * guys can't print interesting stuff from kernel memory.
+	 */
+	if (system != NULL || kmemf != NULL)
+	        setgid(getgid());
+
 	kvm_h = kvm_openfiles(system, kmemf, NULL, O_RDONLY, errbuf);
 	if (kvm_h == 0) {
 		(void)fprintf(stderr,