From nobody Thu May 1 19:51:42 2025 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ZpPnr1KkNz5vdvF; Thu, 01 May 2025 19:51:44 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4ZpPnp6JFHz46fM; Thu, 01 May 2025 19:51:42 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1746129102; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=t5SicR53ELAMS2u2lgbDdw/qPmJrfvcc+2TznsZgBps=; b=FrV3EJH70U9iKvmeF84AZu0ieX0+F8q34BjDFmLwGuFsxxV+2/HO31+Jeefenr5lR4QfyP Npx933tQC4/qXN4EAEgql4JsZHNSMQyOUEAkbtwkq8/m0sPd9DBHwnxeLwLg83zoyjNGRq BN3Nqm6PDv3wpsxkeTeyshrqRHAcUFjxN+3P6Bt0dlLGhyXNO0sFIE18axTumHm2CU8fD0 b471mtwdjUCCfdR4AWX3K+nEjsXuLj9ug4VQxBe0BCctJdFhOOXZqBSwjiFDa5+YOTIftA nNlrv4lyx5dv2O56EzOQcF/2K5+eypdI6/k/tJ9gHRdkP9B8Z+vqcttztlR/jg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1746129102; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=t5SicR53ELAMS2u2lgbDdw/qPmJrfvcc+2TznsZgBps=; b=F2sV5BhGoouhjfwK4UFvBV2Sv17E1blbtWwLLe6AEft7oNI5oSABEdkoPZNH0qVGWLOysz MEVCTFyDJ71Y1A0yytdPCcwbBFdA4RqbkYC4ZARy9BKKG3ac2m0L0CZTsv3yX41seGGoSt CPm4mTzaMv22CLvZx4Jb6WNLyc1eumeniWsJ1wBiqc6FGwTsh6Tiiuua0fI+VlDKRyXJL2 fMisLaQa2eDe3NQRhNmkrqQVmA2Wy8EN3Jue34awh+fSxvZa9N3Hy/oXrdFByGzOBZN772 QibPKrpgVFUyf4vRpPOkp4YMh84PuctS1hwty5PyFE7kpdV0GwlyicQOBwRrCQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1746129102; a=rsa-sha256; cv=none; b=qCWwm+fGSNhf2KajkBFWUCwTcshSGuyJh3bWYe9TqU62ki/mEllL42MQjRBOYqhRyIUGey 3ttRKia3Vzt7QomecfZM9sBFVF5UjvO9nQ1/BgXLVaWZBoSIDCk7gLLe4LPpzfL23fI7o9 MFyGM6SH0oytsrNa3KyqZXIEp1LR9O8CTxr34crV06lXaZbvJc8BcYpVFgCJ9Kfm57DG5V PrHTAu+fECsfyc4jkyi6jakxKfRYS2sHBxpdGa7plXR/lRromVpVboQZVUSepr0i6+y13r 7aKeLgv4mt00zVVLUCEn8tDGq+DyPZ2mEk1a8g8xcLVZFH8PJ35R3dXhtYo4XQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4ZpPnp5XQrzj9b; Thu, 01 May 2025 19:51:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 541JpgUi068688; Thu, 1 May 2025 19:51:42 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 541JpgXm068685; Thu, 1 May 2025 19:51:42 GMT (envelope-from git) Date: Thu, 1 May 2025 19:51:42 GMT Message-Id: <202505011951.541JpgXm068685@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: 1e8dc267ca91 - stable/14 - ps(1): Match current user's processes using ps' effective UID List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 1e8dc267ca912a39261627c54573233fbdcfc240 Auto-Submitted: auto-generated The branch stable/14 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=1e8dc267ca912a39261627c54573233fbdcfc240 commit 1e8dc267ca912a39261627c54573233fbdcfc240 Author: Olivier Certner AuthorDate: 2025-04-01 09:47:25 +0000 Commit: Olivier Certner CommitDate: 2025-05-01 19:37:05 +0000 ps(1): Match current user's processes using ps' effective UID This puts our ps(1) in conformance with POSIX. While here, replace ad-hoc initialization of 'uidlist' with a call to expand_list(). *** Review of the ps(1) implementations in other BSDs, illumos, and Linux's procps shows they already behave as prescribed by POSIX. Previously, we would match processes with their effective user ID but using our real user ID. While the real user ID is meant as the real identity of a process, and is used, e.g., to perform accounting or be permitted to send signals to specific targets, selecting processes to display is arguably more akin to a kind of (advisory) access control. ps(1) is not installed setuid, so normally the real and effective user IDs of ps processes are the same. This may however not be the case when ps(1) is launched by another setuid executable, and the launching process may then logically expect that ps(1) lists the processes corresponding to its effective UID. MFC after: 3 days Relnotes: yes Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D49619 (code) Differential Revision: https://reviews.freebsd.org/D49620 (manual page) (cherry picked from commit 1aabbb25c9f9c4372fd68621f8cabdc10b665527) --- bin/ps/ps.1 | 26 +------------------------- bin/ps/ps.c | 13 +++++++------ 2 files changed, 8 insertions(+), 31 deletions(-) diff --git a/bin/ps/ps.1 b/bin/ps/ps.1 index 0a6a5555ba35..1814a3fca1b3 100644 --- a/bin/ps/ps.1 +++ b/bin/ps/ps.1 @@ -70,7 +70,7 @@ Other output styles can be requested via .Fl -libxo . .Pp By default, only the processes of the calling user, determined by matching their -effective user ID with the real user ID of the +effective user ID with that of the .Nm process, that have controlling terminals are shown. A different set of processes can be selected for display by using combinations @@ -980,14 +980,6 @@ However, other UNIX systems that provide this functionality do so via option instead, reserving .Fl g to query by group leaders. -.Pp -.Nm -currently determines the processes of the current user by matching their -effective user IDs with its own real user ID, whereas -.St -p1003.1-2024 -mandates the traditional UNIX practice of using the effective user ID as the -current user. -This is expected to be changed soon. .Sh HISTORY The .Nm @@ -1000,22 +992,6 @@ Since cannot run faster than the system and is run as any other scheduled process, the information it displays can never be exact. .Pp -.Nm -currently uses its real user ID as the current user when determining default -processes to show. -Besides being inconsistent with POSIX, using the real user ID essentially makes -sense for programs installed as setuid executables, which -.Nm -is not. -It also complicates the use of -.Nm -from other setuid executables, which cannot rely on its default process listing. -Finally, no other -.Nm -implementation (for other BSDs, illumos or Linux) behaves like this. -For all these reasons, the behavior is expected to be changed soon to using the -effective user ID instead. -.Pp .Nm ps currently does not correctly limit the ouput width, and in most cases does not limit it at all when it should. diff --git a/bin/ps/ps.c b/bin/ps/ps.c index ebfc3f0bb1e1..10ae3924a923 100644 --- a/bin/ps/ps.c +++ b/bin/ps/ps.c @@ -535,13 +535,14 @@ main(int argc, char *argv[]) */ nselectors = 0; else if (nselectors == 0) { - /* Default is to request our processes only. */ - uidlist.l.ptr = malloc(sizeof(uid_t)); - if (uidlist.l.ptr == NULL) - xo_errx(1, "malloc failed"); + /* + * Default is to request our processes only. As per POSIX, we + * match processes by their effective user IDs and we use our + * effective user ID as our own identity. + */ + expand_list(&uidlist); + uidlist.l.uids[uidlist.count++] = geteuid(); nselectors = 1; - uidlist.count = uidlist.maxcount = 1; - *uidlist.l.uids = getuid(); } /*