Date: Mon, 5 Dec 2011 19:34:03 +0000 (UTC) From: Mikolaj Golub <trociny@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r228288 - head/sys/kern Message-ID: <201112051934.pB5JY3iK054960@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: trociny Date: Mon Dec 5 19:34:02 2011 New Revision: 228288 URL: http://svn.freebsd.org/changeset/base/228288 Log: Protect kern.proc.auxv and kern.proc.ps_strings sysctls with p_candebug(). Citing jilles: If we are ever going to do ASLR, the AUXV information tells an attacker where the stack, executable and RTLD are located, which defeats much of the point of randomizing the addresses in the first place. Given that the AUXV information seems to be used by debuggers only anyway, I think it would be good to move it to p_candebug() now. The full virtual memory maps (KERN_PROC_VMMAP, procstat -v) are already under p_candebug(). Suggested by: jilles Discussed with: rwatson MFC after: 1 week Modified: head/sys/kern/kern_proc.c Modified: head/sys/kern/kern_proc.c ============================================================================== --- head/sys/kern/kern_proc.c Mon Dec 5 18:29:25 2011 (r228287) +++ head/sys/kern/kern_proc.c Mon Dec 5 19:34:02 2011 (r228288) @@ -1782,7 +1782,8 @@ sysctl_kern_proc_auxv(SYSCTL_HANDLER_ARG PROC_UNLOCK(p); return (ESRCH); } - if ((error = p_cansee(curthread, p)) != 0) { + error = p_candebug(curthread, p); + if (error != 0) { PROC_UNLOCK(p); return (error); } @@ -2456,7 +2457,8 @@ sysctl_kern_proc_ps_strings(SYSCTL_HANDL p = pfind((pid_t)name[0]); if (p == NULL) return (ESRCH); - if ((error = p_cansee(curthread, p)) != 0) { + error = p_cansee(curthread, p); + if (error != 0) { PROC_UNLOCK(p); return (error); }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201112051934.pB5JY3iK054960>