mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2025-01-28 16:43:09 +00:00
Code Issues Releases Activity

Close another information leak in ktrace(2): one was able to find active

Browse Source 
process groups outside a jail, etc. by using ktrace(2).

OK'ed by:	rwatson
Approved by:	re (scottl)
MFC after:	1 week
This commit is contained in:
Pawel Jakub Dawidek 2005-06-24 12:05:24 +00:00
parent 5c52b5abbc
commit 400a74bff8
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=147576
1 changed files with 16 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
sys/kern/kern_ktrace.c
View File

@ -506,7 +506,7 @@ ktrace(td, uap)
int facs = uap->facs & ~KTRFAC_ROOT; int facs = uap->facs & ~KTRFAC_ROOT;
int ops = KTROP(uap->ops); int ops = KTROP(uap->ops);
int descend = uap->ops & KTRFLAG_DESCEND; int descend = uap->ops & KTRFLAG_DESCEND;
int ret = 0; int nfound, ret = 0;
int flags, error = 0; int flags, error = 0;
struct nameidata nd; struct nameidata nd;
struct ucred *cred; struct ucred *cred;
@ -592,11 +592,25 @@ ktrace(td, uap)
* by the proctree_lock rather than pg_mtx. * by the proctree_lock rather than pg_mtx.
*/ */
PGRP_UNLOCK(pg); PGRP_UNLOCK(pg);
LIST_FOREACH(p, &pg->pg_members, p_pglist) nfound = 0;
LIST_FOREACH(p, &pg->pg_members, p_pglist) {
PROC_LOCK(p);
if (p_cansee(td, p) != 0) {
PROC_UNLOCK(p);
continue;
}
PROC_UNLOCK(p);
nfound++;
if (descend) if (descend)
ret |= ktrsetchildren(td, p, ops, facs, vp); ret |= ktrsetchildren(td, p, ops, facs, vp);
else else
ret |= ktrops(td, p, ops, facs, vp); ret |= ktrops(td, p, ops, facs, vp);
}
if (nfound == 0) {
sx_sunlock(&proctree_lock);
error = ESRCH;
goto done;
}
} else { } else {
/* /*
* by pid * by pid