From 66e5b18f29ab0ed2884941cbae48dddc64e79836 Mon Sep 17 00:00:00 2001 From: Paul Traina Date: Thu, 30 May 1996 02:20:10 +0000 Subject: [PATCH] Drop privileges if not using standard namelist or kernel file. Submitted by: smpatel (Sujal Patel) --- usr.bin/w/w.c | 7 +++++++ usr.sbin/slstat/slstat.c | 9 ++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/usr.bin/w/w.c b/usr.bin/w/w.c index b75f7f48de33..924ba11fe253 100644 --- a/usr.bin/w/w.c +++ b/usr.bin/w/w.c @@ -179,6 +179,13 @@ main(argc, argv) _res.retrans = 2; /* resolver timeout to 2 seconds per try */ _res.retry = 1; /* only try once.. */ + /* + * Discard setgid privileges if not the running kernel so that bad + * guys can't print interesting stuff from kernel memory. + */ + if (nlistf != NULL || memf != NULL) + setgid(getgid()); + if ((kd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, errbuf)) == NULL) errx(1, "%s", errbuf); diff --git a/usr.sbin/slstat/slstat.c b/usr.sbin/slstat/slstat.c index 402c24840d17..eb7d3b7a99f8 100644 --- a/usr.sbin/slstat/slstat.c +++ b/usr.sbin/slstat/slstat.c @@ -22,7 +22,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: slstat.c,v 1.3 1994/11/19 13:57:21 jkh Exp $"; +static char rcsid[] = "$Id: slstat.c,v 1.4 1995/05/30 03:52:30 rgrimes Exp $"; #endif #include @@ -132,6 +132,13 @@ main(argc, argv) kflag++; } } + /* + * Discard setgid privileges if not the running kernel so that bad + * guys can't print interesting stuff from kernel memory. + */ + if (system != NULL || kmemf != NULL) + setgid(getgid()); + kvm_h = kvm_openfiles(system, kmemf, NULL, O_RDONLY, errbuf); if (kvm_h == 0) { (void)fprintf(stderr,