Skip site navigation (1)Skip section navigation (2) 
Date:      06 Oct 2001 16:01:35 +0200
From:      Dag-Erling Smorgrav <des@ofug.org>
To:        Robert Watson <rwatson@FreeBSD.ORG>
Cc:        Peter Wemm <peter@wemm.org>, arch@FreeBSD.ORG
Subject:   Re: Removing ptrace(2)'s dependency on procfs(5)
Message-ID:  <xzpitdsrhog.fsf@flood.ping.uio.no>
In-Reply-To: <Pine.NEB.3.96L.1011006095018.66473D-100000@fledge.watson.org>
References:  <Pine.NEB.3.96L.1011006095018.66473D-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
Robert Watson <rwatson@FreeBSD.ORG> writes:
> I'm leaning towards (2): debugging simply doesn't apply, and should be
> checked for by the routines.  If it were a security check, that might
> imply that you could change the policy to allow such debugging, which you
> can't.  Since we would still like ESRCH to be returned for processes in
> jail when attempting to attach to system processes, that means that the
> security check should go first, and the P_SYSTEM check should go second.

Sure, but doesn't prison_check() take care of ESRCH?  I can add the
P_SYSTEM check *after* the prison_check() call in p_candebug():

Index: kern_prot.c
===================================================================
RCS file: /home/ncvs/src/sys/kern/kern_prot.c,v
retrieving revision 1.107
diff -u -u -r1.107 kern_prot.c
--- kern_prot.c 26 Sep 2001 20:41:48 -0000      1.107
+++ kern_prot.c 6 Oct 2001 13:56:56 -0000
@@ -1534,9 +1534,15 @@
 {
        int error;

+       if (p1 == p2)
+               return (0);
+
        if ((error = prison_check(p1->p_ucred, p2->p_ucred)))
                return (error);

+       if ((p2->p_flag & P_SYSTEM) != 0)
+               return (EINVAL);
+
        /*
         * Not owned by you, has done setuid (unless you're root).
         * XXX add a CAP_SYS_PTRACE here?

This way, when the target process is a system process, p_candebug()
will return ESRCH if the caller is jailed and EINVAL if it isn't.

DES (kernel hacking with a hangover)
-- 
Dag-Erling Smorgrav - des@ofug.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpitdsrhog.fsf>