From: Jukka Ukkonen
Message-Id: <199507092105.AAA00514@jau.csc.fi>
Subject: getsid(2) revisited...
To: hackers@freebsd.org
Reply-To: ukkonen@aphrodite.funet.fi
Date: Mon, 10 Jul 1995 00:05:14 +0300 (EET DST)
Organization: Private person

Hi!

After giving some more thought to getsid(2) I realized one thing I had missed completely before. Naturally one should handle the limited access to session IDs so that also any process in a session can check the SID of any other process in the same session even if one is not a descendant of the other. This is the natural way to check whether two processes are part of the same session in the first place. This is also the major potential principle to limiting access to other processes' SIDs implied by some SVR4 manual pages, though I thought such to be too restricted a view of what should be taken as acceptable.

In any case I guess it is better to stick with some kind of "need-to-know" principle instead of giving all processes global access to all SIDs.

I also added the SID information to the session structure as the field named s_sid which is filled when the new session is created.
The patch for this better version is attached at the end of this message. Please destroy my previous patch. It was really a load of junk anyway. If you wish to experiment with getsid(2), use the new patch.

As some of you already said, getsid(2) is not part of POSIX, at least not yet as far as I know, which is far from a thorough knowledge of the most recent changes in POSIX. The idea was to add portability from existing SVR4 systems and to try to adjust to what probably might soon become required by known standards. I did encourage anybody to use such an "unportable hack" in their current software development, though there are things that could be done more reliably and naturally by using getsid(2).

As long as getsid(2) is not an obligatory everyday matter on all systems, one should not use it when writing code that should be portable to other environments. That is absolutely true. Being liberal in supporting what might be written for other environments and using the same features in one's own code are certainly two quite independent things.

	Cheers,
		// jau
------
  /    Jukka A. Ukkonen, FUNET / Centre for Scientific Computing
 /__   M.Sc. (sw-eng & cs)                    Tel:   (Home) +358-0-578628
   /   Internet: ukkonen@csc.fi                        (Work) +358-0-4573208
  /    Internet: jau@funet.fi                        (Mobile) +358-400-606671
 v     X.400: c=fi, admd=fumail, no prmd, org=csc, pn=jukka.ukkonen

*** /usr/src/lib/libc/sys/Makefile.inc.orig Sat May 27 07:17:04 1995 --- /usr/src/lib/libc/sys/Makefile.inc Fri Jul 7 01:46:41 1995 *************** *** 17,23 **** fchflags.o fchmod.o fchown.o fcntl.o flock.o fpathconf.o fstat.o \ fstatfs.o fsync.o getdirentries.o getdtablesize.o getegid.o \ geteuid.o getfh.o getfsstat.o getgid.o getgroups.o getitimer.o \ ! 
getpeername.o getpgrp.o getpid.o getppid.o getpriority.o \ getrlimit.o getrusage.o getsockname.o getsockopt.o gettimeofday.o \ getuid.o ioctl.o kill.o ktrace.o lfs_bmapv.o lfs_markv.o \ lfs_segclean.o lfs_segwait.o link.o listen.o lstat.o \ --- 17,23 ---- fchflags.o fchmod.o fchown.o fcntl.o flock.o fpathconf.o fstat.o \ fstatfs.o fsync.o getdirentries.o getdtablesize.o getegid.o \ geteuid.o getfh.o getfsstat.o getgid.o getgroups.o getitimer.o \ ! getpeername.o getpgrp.o getpid.o getppid.o getsid.o getpriority.o \ getrlimit.o getrusage.o getsockname.o getsockopt.o gettimeofday.o \ getuid.o ioctl.o kill.o ktrace.o lfs_bmapv.o lfs_markv.o \ lfs_segclean.o lfs_segwait.o link.o listen.o lstat.o \ *** /usr/include/sys/syscall.h.orig Sun Apr 23 15:22:06 1995 --- /usr/include/sys/syscall.h Sat Jul 8 00:07:56 1995 *************** *** 191,193 **** --- 191,194 ---- #define SYS___sysctl 202 #define SYS_mlock 203 #define SYS_munlock 204 + #define SYS_getsid 205 *** /usr/include/sys/syscall-hide.h.orig Fri Jul 7 01:14:16 1995 --- /usr/include/sys/syscall-hide.h Fri Jul 7 01:13:22 1995 *************** *** 214,216 **** --- 214,217 ---- HIDE_BSD(__sysctl) HIDE_BSD(mlock) HIDE_BSD(munlock) + HIDE_BSD(getsid) *** /sys/kern/init_sysent.c.orig Fri Jul 7 09:27:51 1995 --- /sys/kern/init_sysent.c Fri Jul 7 09:28:25 1995 *************** *** 177,182 **** --- 177,183 ---- int __sysctl(); int mlock(); int munlock(); + int getsid(); int lkmnosys(); #ifdef COMPAT_43 *************** *** 484,490 **** { 6, __sysctl }, /* 202 = __sysctl */ { 2, mlock }, /* 203 = mlock */ { 2, munlock }, /* 204 = munlock */ ! { 0, nosys }, /* 205 = nosys */ { 0, nosys }, /* 206 = nosys */ { 0, nosys }, /* 207 = nosys */ { 0, nosys }, /* 208 = nosys */ --- 485,492 ---- { 6, __sysctl }, /* 202 = __sysctl */ { 2, mlock }, /* 203 = mlock */ { 2, munlock }, /* 204 = munlock */ ! /* { 0, nosys }, 205 = nosys */ ! 
{ 1, getsid }, /* 205 = getsid */ { 0, nosys }, /* 206 = nosys */ { 0, nosys }, /* 207 = nosys */ { 0, nosys }, /* 208 = nosys */ *** /sys/kern/kern_proc.c.orig Tue May 30 11:05:37 1995 --- /sys/kern/kern_proc.c Sun Jul 9 13:35:29 1995 *************** *** 211,216 **** --- 211,217 ---- MALLOC(sess, struct session *, sizeof(struct session), M_SESSION, M_WAITOK); sess->s_leader = p; + sess->s_sid = p->p_pid; sess->s_count = 1; sess->s_ttyvp = NULL; sess->s_ttyp = NULL; *** /sys/kern/kern_prot.c.orig Fri Jul 7 09:27:51 1995 --- /sys/kern/kern_prot.c Mon Jul 10 00:00:16 1995 *************** *** 95,100 **** --- 95,149 ---- return (0); } + /* + * External signature: pid_t getsid (pid_t); + * + * SVR4 style system call getsid() + * exists only because this is a trick which is practically + * impossible to do from within a user space subroutine. + * Often this kind of information is useful to have though, + * and probably X/Open will require this anyway. + */ + + struct getsid_args { + pid_t pid; + }; + + /* ARGSUSED */ + int + getsid (p, uap, retval) + struct proc *p; + struct getsid_args *uap; + int *retval; + { + register struct proc *targp; /* taget process */ + + if (! uap->pid || (uap->pid == p->p_pid)) + targp = p; + else { + if (! (targp = pfind(uap->pid))) + return (ESRCH); + + /* + * For true pedantics only... + * 1. Either current proc must be owned by root, + * 2. or be part of the same session as the target, + * 3. or be owned by the same effective uid as the target, + * 4. or the target must be a descendant of the caller. + */ + if (p->p_cred->pc_ucred->cr_uid + && (targp->p_session != p->p_session) + && (targp->p_cred->pc_ucred->cr_uid + != p->p_cred->pc_ucred->cr_uid) + && ! 
inferior(targp)) + return (EPERM); + } + + *retval = targp->p_session->s_sid; + + return (0); + } + /* ARGSUSED */ int getuid(p, uap, retval) *** /sys/kern/syscalls.c.orig Fri Jul 7 09:27:51 1995 --- /sys/kern/syscalls.c Fri Jul 7 09:28:25 1995 *************** *** 246,252 **** "__sysctl", /* 202 = __sysctl */ "mlock", /* 203 = mlock */ "munlock", /* 204 = munlock */ ! "#205", /* 205 = nosys */ "#206", /* 206 = nosys */ "#207", /* 207 = nosys */ "#208", /* 208 = nosys */ --- 246,253 ---- "__sysctl", /* 202 = __sysctl */ "mlock", /* 203 = mlock */ "munlock", /* 204 = munlock */ ! /* "#205", 205 = nosys */ ! "getsid", /* 205 = getsid */ "#206", /* 206 = nosys */ "#207", /* 207 = nosys */ "#208", /* 208 = nosys */ *** /sys/kern/syscalls.master.orig Fri Jul 7 09:27:51 1995 --- /sys/kern/syscalls.master Fri Jul 7 09:28:25 1995 *************** *** 277,283 **** ; here allows to avoid one in libc/sys/Makefile.inc. 203 STD 2 BSD mlock 204 STD 2 BSD munlock ! 205 UNIMPL 0 NOHIDE nosys 206 UNIMPL 0 NOHIDE nosys 207 UNIMPL 0 NOHIDE nosys 208 UNIMPL 0 NOHIDE nosys --- 277,284 ---- ; here allows to avoid one in libc/sys/Makefile.inc. 203 STD 2 BSD mlock 204 STD 2 BSD munlock ! ; 205 UNIMPL 0 NOHIDE nosys ! 205 STD 1 BSD getsid 206 UNIMPL 0 NOHIDE nosys 207 UNIMPL 0 NOHIDE nosys 208 UNIMPL 0 NOHIDE nosys *** /usr/include/unistd.h.orig Sun Jun 4 16:45:57 1995 --- /usr/include/unistd.h Fri Jul 7 08:25:45 1995 *************** *** 76,81 **** --- 76,82 ---- pid_t getpgrp __P((void)); pid_t getpid __P((void)); pid_t getppid __P((void)); + pid_t getsid __P((pid_t)); uid_t getuid __P((void)); int isatty __P((int)); int link __P((const char *, const char *));
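
Review bot: In the /sys/kern/kern_proc.c hunk, `sess->s_sid = p->p_pid;` assigns a field that no hunk in this patch declares. The message says s_sid was added to the session structure, but the header change that adds it to struct session is not included, so the patch as posted will not build on a clean tree. Please add that hunk, and check that any session not created through this path also gets s_sid set, since getsid() returns the field without a fallback to the leader's pid.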
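
Review bot: In the /sys/kern/kern_prot.c hunk, the EPERM test decides root by testing `p->p_cred->pc_ucred->cr_uid` directly, and the four access rules are written down only in the comment above it. If the kernel has a common superuser check, use it here so the privilege use is handled the same way as elsewhere, and add a getsid(2) manual page that states the ESRCH and EPERM conditions, since callers ported from SVR4 cannot learn the same-session, same-effective-uid and descendant rules from the prototype. Also note that `inferior(targp)` is passed only the target, so it depends on an implicit current process rather than the `p` argument used in the other three tests; and "taget process" in the declaration comment is a typo.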
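
Review bot: The /sys/kern/init_sysent.c and /sys/kern/syscalls.c hunks hand-edit slot 205 and leave the old entry behind as a comment (`/* { 0, nosys }, 205 = nosys */`, `/* "#205", 205 = nosys */`), and the syscalls.master hunk does the same with `; 205 UNIMPL 0 NOHIDE nosys`. These tables, together with syscall.h and syscall-hide.h, mirror syscalls.master entry for entry, so the patch should carry only the one-line syscalls.master change and the other files should be regenerated from it. The commented-out leftovers should go either way, because they make slot 205 appear twice in each table.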
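
Review bot: In the /usr/include/unistd.h hunk, `pid_t getsid __P((pid_t));` is added in the same run of prototypes as getpid, getppid and getuid, while the message itself says getsid(2) is not part of POSIX. If the header separates POSIX.1 declarations from extensions, the prototype belongs with the extensions so that strictly POSIX programs do not see the new name.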
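
The same-session check the message describes, as an added example in C that is not part of the original post or patch. It assumes a system where getsid(2) is available through <unistd.h>; the function names same_session and child_shares_session are made up for this illustration.

```c
#include <sys/types.h>
#include <sys/wait.h>
#include <signal.h>
#include <stdio.h>
#include <unistd.h>

/* 1 = same session, 0 = different, -1 = getsid() failed (ESRCH or EPERM). */
int same_session(pid_t a, pid_t b)
{
    pid_t sa = getsid(a), sb = getsid(b);

    if (sa == (pid_t)-1 || sb == (pid_t)-1)
        return -1;
    return sa == sb;
}

/* Fork a child, optionally let it start a new session with setsid(),
 * then ask from the parent whether the two share a session. */
int child_shares_session(int new_session)
{
    int ready[2], result;
    char c;
    pid_t pid;

    if (pipe(ready) == -1)
        return -1;
    if ((pid = fork()) == -1) {
        close(ready[0]);
        close(ready[1]);
        return -1;
    }
    if (pid == 0) {                         /* child */
        close(ready[0]);
        if (new_session && setsid() == (pid_t)-1)
            _exit(1);
        if (write(ready[1], "x", 1) != 1)   /* tell parent the session is settled */
            _exit(1);
        pause();                            /* stay alive until the parent is done */
        _exit(0);
    }
    close(ready[1]);
    /* pid 0 means "the calling process", as in the patch's getsid() */
    result = (read(ready[0], &c, 1) == 1) ? same_session(0, pid) : -1;
    close(ready[0]);
    kill(pid, SIGKILL);
    waitpid(pid, NULL, 0);
    return result;
}

int main(void)
{
    printf("plain fork:   same session = %d\n", child_shares_session(0));
    printf("after setsid: same session = %d\n", child_shares_session(1));
    return 0;
}
```

Under the access rules in the patch, both queries succeed for an unprivileged caller: the first because the child is in the caller's session, the second because the child is a descendant with the same effective uid.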