Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 5 Dec 2011 19:34:03 +0000 (UTC)
From:      Mikolaj Golub <trociny@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r228288 - head/sys/kern
Message-ID:  <201112051934.pB5JY3iK054960@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: trociny
Date: Mon Dec  5 19:34:02 2011
New Revision: 228288
URL: http://svn.freebsd.org/changeset/base/228288

Log:
  Protect kern.proc.auxv and kern.proc.ps_strings sysctls with p_candebug().
  
  Citing jilles:
  
  If we are ever going to do ASLR, the AUXV information tells an attacker
  where the stack, executable and RTLD are located, which defeats much of
  the point of randomizing the addresses in the first place.
  
  Given that the AUXV information seems to be used by debuggers only anyway,
  I think it would be good to move it to p_candebug() now.
  
  The full virtual memory maps (KERN_PROC_VMMAP, procstat -v) are already
  under p_candebug().
  
  Suggested by:	jilles
  Discussed with:	rwatson
  MFC after:	1 week

Modified:
  head/sys/kern/kern_proc.c

Modified: head/sys/kern/kern_proc.c
==============================================================================
--- head/sys/kern/kern_proc.c	Mon Dec  5 18:29:25 2011	(r228287)
+++ head/sys/kern/kern_proc.c	Mon Dec  5 19:34:02 2011	(r228288)
@@ -1782,7 +1782,8 @@ sysctl_kern_proc_auxv(SYSCTL_HANDLER_ARG
 		PROC_UNLOCK(p);
 		return (ESRCH);
 	}
-	if ((error = p_cansee(curthread, p)) != 0) {
+	error = p_candebug(curthread, p);
+	if (error != 0) {
 		PROC_UNLOCK(p);
 		return (error);
 	}
@@ -2456,7 +2457,8 @@ sysctl_kern_proc_ps_strings(SYSCTL_HANDL
 	p = pfind((pid_t)name[0]);
 	if (p == NULL)
 		return (ESRCH);
-	if ((error = p_cansee(curthread, p)) != 0) {
+	error = p_cansee(curthread, p);
+	if (error != 0) {
 		PROC_UNLOCK(p);
 		return (error);
 	}



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201112051934.pB5JY3iK054960>