o Reduce information leakage into jails by adding invocations of
p_can(...P_CAN_SEE...) to getpgid(), getsid(), and setpgid(), blocking these operations on processes that should not be visible by the requesting process. Required to reduce information leakage in MAC environments. Obtained from: TrustedBSD Project
This commit is contained in:
parent
bacff58c0e
commit
eb9e5c1d72
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=75448
@ -143,6 +143,7 @@ getpgid(p, uap)
|
||||
struct getpgid_args *uap;
|
||||
{
|
||||
struct proc *pt;
|
||||
int error;
|
||||
|
||||
pt = p;
|
||||
if (uap->pid == 0)
|
||||
@ -150,6 +151,8 @@ getpgid(p, uap)
|
||||
|
||||
if ((pt = pfind(uap->pid)) == 0)
|
||||
return ESRCH;
|
||||
if ((error = p_can(p, pt, P_CAN_SEE, NULL)))
|
||||
return (error);
|
||||
found:
|
||||
p->p_retval[0] = pt->p_pgrp->pg_id;
|
||||
return 0;
|
||||
@ -170,6 +173,7 @@ getsid(p, uap)
|
||||
struct getsid_args *uap;
|
||||
{
|
||||
struct proc *pt;
|
||||
int error;
|
||||
|
||||
pt = p;
|
||||
if (uap->pid == 0)
|
||||
@ -177,6 +181,8 @@ getsid(p, uap)
|
||||
|
||||
if ((pt = pfind(uap->pid)) == 0)
|
||||
return ESRCH;
|
||||
if ((error = p_can(p, pt, P_CAN_SEE, NULL)))
|
||||
return (error);
|
||||
found:
|
||||
p->p_retval[0] = pt->p_session->s_sid;
|
||||
return 0;
|
||||
@ -349,12 +355,15 @@ setpgid(curp, uap)
|
||||
{
|
||||
register struct proc *targp; /* target process */
|
||||
register struct pgrp *pgrp; /* target pgrp */
|
||||
int error;
|
||||
|
||||
if (uap->pgid < 0)
|
||||
return (EINVAL);
|
||||
if (uap->pid != 0 && uap->pid != curp->p_pid) {
|
||||
if ((targp = pfind(uap->pid)) == 0 || !inferior(targp))
|
||||
return (ESRCH);
|
||||
if ((error = p_can(curproc, targp, P_CAN_SEE, NULL)))
|
||||
return (error);
|
||||
if (targp->p_pgrp == NULL || targp->p_session != curp->p_session)
|
||||
return (EPERM);
|
||||
if (targp->p_flag & P_EXEC)
|
||||
|
Loading…
Reference in New Issue
Block a user