d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix information leakage.

Browse Source 
Without this fix it is possible to cheat policies like:
- sysctl security.bsd.see_other_[gu]ids=0,
- mac_seeotheruids(4),
- jail(2)
and get full processes list with their arguments.

This problem exists from revision 1.62 of kern_proc.c when it was
introduced.

Reviewed by:	nectar, rwatson.
This commit is contained in:
pjd 2004-03-17 13:19:43 +00:00
parent 0f33a4da2f
commit 11852bf574
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
sys/kern/kern_proc.c
View File

@ -1106,11 +1106,16 @@ sysctl_kern_proc_args(SYSCTL_HANDLER_ARGS)
if (!p)
return (ESRCH);
if ((!ps_argsopen) && (error = p_cansee(curthread, p))) {
if ((error = p_cansee(curthread, p)) != 0) {
PROC_UNLOCK(p);
return (error);
}
if (!ps_argsopen) {
PROC_UNLOCK(p);
return (EPERM);
}
if (req->newptr && curproc != p) {
PROC_UNLOCK(p);
return (EPERM);