Date:      Tue, 12 Aug 1997 07:12:13 -0700
From:      Cy Schubert <cy@cwsys.cwent.com>
To:        dg@root.com
Cc:        Sean Eric Fagan <sef@freebsd.org>, current@freebsd.org, security@freebsd.org
Subject:   Re: procfs patch 
Message-ID:  <199708121412.HAA01007@cwsys.cwent.com>
In-Reply-To: Your message of "Mon, 11 Aug 1997 02:53:05 PDT." <199708110953.CAA12034@implode.root.com> 

> >+ 	/*
> >+ 	 * XXX
> >+ 	 * We need to check for KMEM_GROUP because ps is sgid kmem;
> >+ 	 * not allowing it here causes ps to not work properly.  Arguably,
> >+ 	 * this is a bug with what ps does.  We only need to do this
> >+ 	 * for Pmem nodes, and only if it's reading.  This is still not
> >+ 	 * good, as it may still be possible to grab illicit data if
> >+ 	 * a process somehow gets to be KMEM_GROUP.  Note that this also
> >+ 	 * means that KMEM_GROUP can't change without editing procfs.h!
> >+ 	 * All in all, quite yucky.
> >+ 	 */
> >+ 
> >+ 	if (!CHECKIO(curp, p) &&
> >+ 	    ((curp->p_cred->pc_ucred->cr_gid != KMEM_GROUP) &&
> >+ 	     (uio->uio_rw != UIO_READ))
> >+ 		return EPERM;
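
Review bot: the test in `if (!CHECKIO(curp, p) && ...` does not implement what the comment above it describes. Because `cr_gid != KMEM_GROUP` and `uio->uio_rw != UIO_READ` are joined with `&&`, EPERM is returned only when the caller fails CHECKIO, is not in KMEM_GROUP, and is not reading; every read is let through regardless of group, and a KMEM_GROUP caller is also let through for writes. To restrict the exception to reads by KMEM_GROUP, join the two inner tests with `||` instead. The `if` is also one closing parenthesis short, so it will not compile as posted. The comment says the exception is needed only for Pmem nodes, but nothing in these lines checks the node type; if that is handled by the caller, a word in the comment saying so would help.
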
> 
>    If I read this right, you allow reads, correct? This would allow access to
> potentially sensitive information in the setuid process. If the above is
> changed to fail no matter what the operation, I think your fix should be
> okay.

All this patch does, in addition to allowing the "standard" access list
access, is allow KMEM_GROUP read access, so IMHO it's almost perfect.
Could this be controllable via sysctl, which would be used at boot time
with a one-line awk script to get kmem's gid and poke it into the kernel?
If this is too risky, e.g. opens up a security hole that could be exploited
in another way, we could make this definition, and others like it, options
in the kernel config file, thus allowing the values of special UIDs
and GIDs to be configurable.

Any thoughts?


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
UNIX Support                   OV/VM:  BCSC02(CSCHUBER)
ITSD                          BITNET:  CSCHUBER@BCSC02.BITNET
Government of BC            Internet:  cschuber@uumail.gov.bc.ca
                                       cschuber@bcsc02.gov.bc.ca
				       cy@uumail.gov.bc.ca

		"Quit spooling around, JES do it."


