Date: Mon, 10 Jul 1995 00:05:14 +0300 (EET DST) From: Jukka Ukkonen <jau@jau.csc.fi> To: hackers@freebsd.org Subject: getsid(2) revisited... Message-ID: <199507092105.AAA00514@jau.csc.fi>
next in thread | raw e-mail | index | archive | help
Hi!
After giving some more thought to getsid(2) I realized one
thing I had missed completely before. Naturally one should handle
the limited access to session IDs so that also any process in
a session can check the SID of any other process in the same
session even if one is not a descendant of the other. This
is the natural way to check whether two processes are part
of the same session in the first place. This is also the
major potential principle to limiting access to other processes'
SIDs implied by some SVR4 manual pages, though I thought such
to be too restricted a view of what should be taken as acceptable.
In any case I guess it is better to stick with some kind of
"need-to-know" principle instead of giving all processes global
access to all SIDs.
I also added the SID information to the session structure as
the field named s_sid which is filled when the new session
is created. The patch for this better version is attached at
the end of this message. Please, destroy my previous patch.
It was really a load of junk anyway. If you wish to experiment
with getsid(2), use the new patch.
As some of you already said it getsid(2), is not part of POSIX,
at least not yet as far as I know, which is far from a thorough
knowledge of the most recent changes in POSIX.
The idea was to add portability from existing SVR4 systems
and to try adjust to what probably might soon become required
by known standards. I did encourage anybody to use such an
"unportable hack" in their current software development, though
there things that could be done more reliably and naturally by
using getsid(2). As long as getsid(2) is not an obligatory
everyday matter on all systems, one should not use it when
writing code that should be portable to other environments.
That is absolutely true. Being liberal in supporting what might
be written for other environments and using the same features
in one's own code are certainly two quite independent things.
Cheers,
// jau
------
/ Jukka A. Ukkonen, FUNET / Centre for Scientific Computing
/__ M.Sc. (sw-eng & cs) Tel: (Home) +358-0-578628
/ Internet: ukkonen@csc.fi (Work) +358-0-4573208
/ Internet: jau@funet.fi (Mobile) +358-400-606671
v X.400: c=fi, admd=fumail, no prmd, org=csc, pn=jukka.ukkonen
*** /usr/src/lib/libc/sys/Makefile.inc.orig Sat May 27 07:17:04 1995
--- /usr/src/lib/libc/sys/Makefile.inc Fri Jul 7 01:46:41 1995
***************
*** 17,23 ****
fchflags.o fchmod.o fchown.o fcntl.o flock.o fpathconf.o fstat.o \
fstatfs.o fsync.o getdirentries.o getdtablesize.o getegid.o \
geteuid.o getfh.o getfsstat.o getgid.o getgroups.o getitimer.o \
! getpeername.o getpgrp.o getpid.o getppid.o getpriority.o \
getrlimit.o getrusage.o getsockname.o getsockopt.o gettimeofday.o \
getuid.o ioctl.o kill.o ktrace.o lfs_bmapv.o lfs_markv.o \
lfs_segclean.o lfs_segwait.o link.o listen.o lstat.o \
--- 17,23 ----
fchflags.o fchmod.o fchown.o fcntl.o flock.o fpathconf.o fstat.o \
fstatfs.o fsync.o getdirentries.o getdtablesize.o getegid.o \
geteuid.o getfh.o getfsstat.o getgid.o getgroups.o getitimer.o \
! getpeername.o getpgrp.o getpid.o getppid.o getsid.o getpriority.o \
getrlimit.o getrusage.o getsockname.o getsockopt.o gettimeofday.o \
getuid.o ioctl.o kill.o ktrace.o lfs_bmapv.o lfs_markv.o \
lfs_segclean.o lfs_segwait.o link.o listen.o lstat.o \
*** /usr/include/sys/syscall.h.orig Sun Apr 23 15:22:06 1995
--- /usr/include/sys/syscall.h Sat Jul 8 00:07:56 1995
***************
*** 191,193 ****
--- 191,194 ----
#define SYS___sysctl 202
#define SYS_mlock 203
#define SYS_munlock 204
+ #define SYS_getsid 205
*** /usr/include/sys/syscall-hide.h.orig Fri Jul 7 01:14:16 1995
--- /usr/include/sys/syscall-hide.h Fri Jul 7 01:13:22 1995
***************
*** 214,216 ****
--- 214,217 ----
HIDE_BSD(__sysctl)
HIDE_BSD(mlock)
HIDE_BSD(munlock)
+ HIDE_BSD(getsid)
*** /sys/kern/init_sysent.c.orig Fri Jul 7 09:27:51 1995
--- /sys/kern/init_sysent.c Fri Jul 7 09:28:25 1995
***************
*** 177,182 ****
--- 177,183 ----
int __sysctl();
int mlock();
int munlock();
+ int getsid();
int lkmnosys();
#ifdef COMPAT_43
***************
*** 484,490 ****
{ 6, __sysctl }, /* 202 = __sysctl */
{ 2, mlock }, /* 203 = mlock */
{ 2, munlock }, /* 204 = munlock */
! { 0, nosys }, /* 205 = nosys */
{ 0, nosys }, /* 206 = nosys */
{ 0, nosys }, /* 207 = nosys */
{ 0, nosys }, /* 208 = nosys */
--- 485,492 ----
{ 6, __sysctl }, /* 202 = __sysctl */
{ 2, mlock }, /* 203 = mlock */
{ 2, munlock }, /* 204 = munlock */
! /* { 0, nosys }, 205 = nosys */
! { 1, getsid }, /* 205 = getsid */
{ 0, nosys }, /* 206 = nosys */
{ 0, nosys }, /* 207 = nosys */
{ 0, nosys }, /* 208 = nosys */
*** /sys/kern/kern_proc.c.orig Tue May 30 11:05:37 1995
--- /sys/kern/kern_proc.c Sun Jul 9 13:35:29 1995
***************
*** 211,216 ****
--- 211,217 ----
MALLOC(sess, struct session *, sizeof(struct session),
M_SESSION, M_WAITOK);
sess->s_leader = p;
+ sess->s_sid = p->p_pid;
sess->s_count = 1;
sess->s_ttyvp = NULL;
sess->s_ttyp = NULL;
*** /sys/kern/kern_prot.c.orig Fri Jul 7 09:27:51 1995
--- /sys/kern/kern_prot.c Mon Jul 10 00:00:16 1995
***************
*** 95,100 ****
--- 95,149 ----
return (0);
}
+ /*
+ * External signature: pid_t getsid (pid_t);
+ *
+ * SVR4 style system call getsid()
+ * exists only because this is a trick which is practically
+ * impossible to do from within a user space subroutine.
+ * Often this kind of information is useful to have though,
+ * and probably X/Open will require this anyway.
+ */
+
+ struct getsid_args {
+ pid_t pid;
+ };
+
+ /* ARGSUSED */
+ int
+ getsid (p, uap, retval)
+ struct proc *p;
+ struct getsid_args *uap;
+ int *retval;
+ {
+ register struct proc *targp; /* taget process */
+
+ if (! uap->pid || (uap->pid == p->p_pid))
+ targp = p;
+ else {
+ if (! (targp = pfind(uap->pid)))
+ return (ESRCH);
+
+ /*
+ * For true pedantics only...
+ * 1. Either current proc must be owned by root,
+ * 2. or be part of the same session as the target,
+ * 3. or be owned by the same effective uid as the target,
+ * 4. or the target must be a descendant of the caller.
+ */
+ if (p->p_cred->pc_ucred->cr_uid
+ && (targp->p_session != p->p_session)
+ && (targp->p_cred->pc_ucred->cr_uid
+ != p->p_cred->pc_ucred->cr_uid)
+ && ! inferior(targp))
+ return (EPERM);
+ }
+
+ *retval = targp->p_session->s_sid;
+
+ return (0);
+ }
+
/* ARGSUSED */
int
getuid(p, uap, retval)
*** /sys/kern/syscalls.c.orig Fri Jul 7 09:27:51 1995
--- /sys/kern/syscalls.c Fri Jul 7 09:28:25 1995
***************
*** 246,252 ****
"__sysctl", /* 202 = __sysctl */
"mlock", /* 203 = mlock */
"munlock", /* 204 = munlock */
! "#205", /* 205 = nosys */
"#206", /* 206 = nosys */
"#207", /* 207 = nosys */
"#208", /* 208 = nosys */
--- 246,253 ----
"__sysctl", /* 202 = __sysctl */
"mlock", /* 203 = mlock */
"munlock", /* 204 = munlock */
! /* "#205", 205 = nosys */
! "getsid", /* 205 = getsid */
"#206", /* 206 = nosys */
"#207", /* 207 = nosys */
"#208", /* 208 = nosys */
*** /sys/kern/syscalls.master.orig Fri Jul 7 09:27:51 1995
--- /sys/kern/syscalls.master Fri Jul 7 09:28:25 1995
***************
*** 277,283 ****
; here allows to avoid one in libc/sys/Makefile.inc.
203 STD 2 BSD mlock
204 STD 2 BSD munlock
! 205 UNIMPL 0 NOHIDE nosys
206 UNIMPL 0 NOHIDE nosys
207 UNIMPL 0 NOHIDE nosys
208 UNIMPL 0 NOHIDE nosys
--- 277,284 ----
; here allows to avoid one in libc/sys/Makefile.inc.
203 STD 2 BSD mlock
204 STD 2 BSD munlock
! ; 205 UNIMPL 0 NOHIDE nosys
! 205 STD 1 BSD getsid
206 UNIMPL 0 NOHIDE nosys
207 UNIMPL 0 NOHIDE nosys
208 UNIMPL 0 NOHIDE nosys
*** /usr/include/unistd.h.orig Sun Jun 4 16:45:57 1995
--- /usr/include/unistd.h Fri Jul 7 08:25:45 1995
***************
*** 76,81 ****
--- 76,82 ----
pid_t getpgrp __P((void));
pid_t getpid __P((void));
pid_t getppid __P((void));
+ pid_t getsid __P((pid_t));
uid_t getuid __P((void));
int isatty __P((int));
int link __P((const char *, const char *));
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199507092105.AAA00514>