From owner-freebsd-audit@FreeBSD.ORG Wed Oct 22 04:46:59 2003 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E244C16A4B3 for ; Wed, 22 Oct 2003 04:46:59 -0700 (PDT) Received: from heechee.tobez.org (heechee.tobez.org [217.157.39.226]) by mx1.FreeBSD.org (Postfix) with ESMTP id B409C43F93 for ; Wed, 22 Oct 2003 04:46:58 -0700 (PDT) (envelope-from tobez@tobez.org) Received: by heechee.tobez.org (Postfix, from userid 1001) id AA796175CF; Wed, 22 Oct 2003 13:46:56 +0200 (CEST) Date: Wed, 22 Oct 2003 13:46:56 +0200 From: Anton Berezin To: audit@freebsd.org Message-ID: <20031022114656.GB1141@heechee.tobez.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.4i Subject: simplify mode parsing in chmod(1) X-BeenThere: freebsd-audit@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Security Audit List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Oct 2003 11:47:00 -0000 Hi, Any objections to this patch (yes, setmode(3) handles octal modes)? Index: chmod.c =================================================================== RCS file: /home/ncvs/src/bin/chmod/chmod.c,v retrieving revision 1.29 diff -u -r1.29 chmod.c --- chmod.c 1 May 2003 16:58:54 -0000 1.29 +++ chmod.c 22 Oct 2003 11:14:49 -0000 @@ -65,16 +65,13 @@ FTS *ftsp; FTSENT *p; mode_t *set; - long val; - int oct; int Hflag, Lflag, Rflag, ch, fflag, fts_options, hflag, rval; int vflag; - char *ep, *mode; - mode_t newmode, omode; + char *mode; + mode_t newmode; int (*change_mode)(const char *, mode_t); set = NULL; - omode = 0; Hflag = Lflag = Rflag = fflag = hflag = vflag = 0; while ((ch = getopt(argc, argv, "HLPRXfghorstuvwx")) != -1) switch (ch) { @@ -152,22 +149,8 @@ change_mode = chmod; mode = *argv; - if (*mode >= '0' && *mode <= '7') { - errno = 0; - val = strtol(mode, &ep, 8); - if (val > USHRT_MAX || val < 0) - errno = ERANGE; - if (errno) - err(1, "invalid file mode: %s", mode); - if (*ep) - errx(1, "invalid file mode: %s", mode); - omode = (mode_t)val; - oct = 1; - } else { - if ((set = setmode(mode)) == NULL) - errx(1, "invalid file mode: %s", mode); - oct = 0; - } + if ((set = setmode(mode)) == NULL) + errx(1, "invalid file mode: %s", mode); if ((ftsp = fts_open(++argv, fts_options, 0)) == NULL) err(1, "fts_open"); @@ -200,7 +183,7 @@ default: break; } - newmode = oct ? omode : getmode(set, p->fts_statp->st_mode); + newmode = getmode(set, p->fts_statp->st_mode); if ((newmode & ALLPERMS) == (p->fts_statp->st_mode & ALLPERMS)) continue; if ((*change_mode)(p->fts_accpath, newmode) && !fflag) { Cheers, \Anton. -- If I did know the future of Perl, and if I told you, you'd probably run away screaming. -- Larry Wall From owner-freebsd-audit@FreeBSD.ORG Wed Oct 22 06:09:59 2003 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D578016A4B3 for ; Wed, 22 Oct 2003 06:09:59 -0700 (PDT) Received: from melusine.cuivre.fr.eu.org (melusine.cuivre.fr.eu.org [62.212.105.185]) by mx1.FreeBSD.org (Postfix) with ESMTP id 09D6543FBD for ; Wed, 22 Oct 2003 06:09:57 -0700 (PDT) (envelope-from thomas@FreeBSD.ORG) Received: by melusine.cuivre.fr.eu.org (Postfix, from userid 1000) id 828372C3D0; Wed, 22 Oct 2003 15:09:54 +0200 (CEST) Date: Wed, 22 Oct 2003 15:09:54 +0200 From: Thomas Quinot To: Anton Berezin Message-ID: <20031022130954.GB52830@melusine.cuivre.fr.eu.org> References: <20031022114656.GB1141@heechee.tobez.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="Q68bSM7Ycu6FN28Q" Content-Disposition: inline In-Reply-To: <20031022114656.GB1141@heechee.tobez.org> User-Agent: Mutt/1.4i X-message-flag: WARNING! Using Outlook can damage your computer. cc: audit@freebsd.org Subject: Re: simplify mode parsing in chmod(1) X-BeenThere: freebsd-audit@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Security Audit List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Oct 2003 13:09:59 -0000 --Q68bSM7Ycu6FN28Q Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable * Anton Berezin, 2003-10-22 : > Any objections to this patch (yes, setmode(3) handles octal modes)? Looks fine to me. --=20 Thomas.Quinot@Cuivre.FR.EU.ORG --Q68bSM7Ycu6FN28Q Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) iD8DBQE/loGhAE1UuDk9JGkRAi/9AJ9hg0upRK+QfRovboF4b1uVRl7TLwCeJ1r5 yRjYRHb9ihuSCxNpVtHlPLQ= =c6O3 -----END PGP SIGNATURE----- --Q68bSM7Ycu6FN28Q-- From owner-freebsd-audit@FreeBSD.ORG Fri Oct 24 00:26:26 2003 Return-Path: Delivered-To: freebsd-audit@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 391F516A4B3 for ; Fri, 24 Oct 2003 00:26:26 -0700 (PDT) Received: from is1.mh.itc.u-tokyo.ac.jp (is1.mh.itc.u-tokyo.ac.jp [133.11.205.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9B1A743FDD for ; Fri, 24 Oct 2003 00:26:23 -0700 (PDT) (envelope-from simokawa@sat.t.u-tokyo.ac.jp) Received: from is1.mh.itc.u-tokyo.ac.jp (is1.mh.itc.u-tokyo.ac.jp [127.0.0.1]) by is1.mh.itc.u-tokyo.ac.jp (Postfix) with ESMTP id 7D0EB21841C for ; Fri, 24 Oct 2003 16:26:21 +0900 (JST) Received: from mailhosting.itc.u-tokyo.ac.jp (IDENT:mirapoint@mailhosting.itc.u-tokyo.ac.jp [133.11.205.3]) h9O7QLSs013898 for ; Fri, 24 Oct 2003 16:26:21 +0900 Received: from ett.sat.t.u-tokyo.ac.jp (ett.sat.t.u-tokyo.ac.jp [133.11.135.3])3.3.5-GR) with ESMTP id ALC88292; Fri, 24 Oct 2003 16:26:20 +0900 (JST) Date: Fri, 24 Oct 2003 16:26:20 +0900 Message-ID: From: Hidetoshi Shimokawa To: audit@freebsd.org User-Agent: Wanderlust/2.11.0 (Wonderwall) REMI/1.14.3 (Matsudai) FLIM/1.14.3 (=?ISO-8859-1?Q?Unebigory=F2mae?=) APEL/10.3 MULE XEmacs/21.4 (patch 8) (Honest Recruiter) (i386--freebsd) X-Face: OE([KxWyJI0r[R~S/>7ia}SJ)i%a,$-9%7{*yihQk|]gl}2p#"oXmX/fT}Bn7: #j7i14gu$jgR\S*&C3R/pJX List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Oct 2003 07:26:26 -0000 Hi, Does anyone object to committing this patch to the tree? This patch allows kvm_open() to open any raw devices as a crush dump. This enables us to use /dev/fwmem* as a core file. (at least for i386 with hw.firewire.fwmem.eui64_hi/lo) e.g. ps -M /dev/fwmem0.0 -N kernel.debug dmesg -M /dev/fwmem0.0 -N kernel.debug gdb -k -c /dev/fwmem0.0 kernel.debug My concern is setu(g)ided command which is linked with libkvm. As far as I checked, there are only commands setgided with kmem, and the group kmem is allowed to access only /dev/mem and /dev/kmem for default installation. --- //depot/vendor/freebsd/src/lib/libkvm/kvm.c 2003/07/31 16:38:08 +++ //depot/user/simokawa/firewire/lib/libkvm/kvm.c 2003/10/08 09:29:09 @@ -192,11 +192,8 @@ */ if (strcmp(mf, _PATH_DEVNULL) == 0) { kd->vmfd = open(_PATH_DEVNULL, O_RDONLY); - } else if (strcmp(mf, _PATH_MEM) != 0) { - _kvm_err(kd, kd->program, - "%s: not physical memory device", mf); - goto failed; - } else { + return (kd); + } else if (strcmp(mf, _PATH_MEM) == 0) { if ((kd->vmfd = open(_PATH_KMEM, flag)) < 0) { _kvm_syserr(kd, kd->program, "%s", _PATH_KMEM); goto failed; @@ -205,24 +202,24 @@ _kvm_syserr(kd, kd->program, "%s", _PATH_KMEM); goto failed; } + return (kd); } - } else { - /* - * This is a crash dump. - * Initialize the virtual address translation machinery, - * but first setup the namelist fd. - */ - if ((kd->nlfd = open(uf, O_RDONLY, 0)) < 0) { - _kvm_syserr(kd, kd->program, "%s", uf); - goto failed; - } - if (fcntl(kd->nlfd, F_SETFD, FD_CLOEXEC) < 0) { - _kvm_syserr(kd, kd->program, "%s", uf); - goto failed; - } - if (_kvm_initvtop(kd) < 0) - goto failed; + } + /* + * This is a crash dump. + * Initialize the virtual address translation machinery, + * but first setup the namelist fd. + */ + if ((kd->nlfd = open(uf, O_RDONLY, 0)) < 0) { + _kvm_syserr(kd, kd->program, "%s", uf); + goto failed; + } + if (fcntl(kd->nlfd, F_SETFD, FD_CLOEXEC) < 0) { + _kvm_syserr(kd, kd->program, "%s", uf); + goto failed; } + if (_kvm_initvtop(kd) < 0) + goto failed; return (kd); failed: /* /\ Hidetoshi Shimokawa \/ simokawa@sat.t.u-tokyo.ac.jp PGP public key: http://www.sat.t.u-tokyo.ac.jp/~simokawa/pgp.html