From owner-freebsd-security Sun Aug 10 13:56:39 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id NAA14101 for security-outgoing; Sun, 10 Aug 1997 13:56:39 -0700 (PDT) Received: from apocalypse.saturn.net (user9907@apocalypse.saturn.net [208.192.215.27]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id NAA14096 for ; Sun, 10 Aug 1997 13:56:34 -0700 (PDT) Received: from localhost (brian@localhost) by apocalypse.saturn.net (8.8.5/8.8.5) with SMTP id QAA00210 for ; Sun, 10 Aug 1997 16:55:03 -0400 (EDT) Date: Sun, 10 Aug 1997 16:55:01 -0400 (EDT) From: Brian Mitchell To: freebsd-security@freebsd.org Subject: procfs patch Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Enclosed is a patch that seems to work ok on my system. Extensive testing has not been done. There's probably a much better way to do this. diff -c procfs_old/procfs_ctl.c procfs/procfs_ctl.c *** procfs_old/procfs_ctl.c Sun Aug 10 15:05:48 1997 --- procfs/procfs_ctl.c Sun Aug 10 16:37:59 1997 *************** *** 121,126 **** --- 121,129 ---- { int error; + /* if we have trace flag set, fail */ + if(p->p_flag & P_SUGID) + return (EPERM); /* * Attach - attaches the target process for debugging * by the calling process. diff -c procfs_old/procfs_fpregs.c procfs/procfs_fpregs.c *** procfs_old/procfs_fpregs.c Sun Aug 10 15:05:47 1997 --- procfs/procfs_fpregs.c Sun Aug 10 16:38:14 1997 *************** *** 62,67 **** --- 62,69 ---- char *kv; int kl; + if(p->p_flag & P_SUGID) + return (EPERM); kl = sizeof(r); kv = (char *) &r; diff -c procfs_old/procfs_map.c procfs/procfs_map.c *** procfs_old/procfs_map.c Sun Aug 10 15:05:47 1997 --- procfs/procfs_map.c Sun Aug 10 16:35:41 1997 *************** *** 96,101 **** --- 96,103 ---- vm_map_entry_t entry; char mebuffer[MEBUFFERSIZE]; + if(p->p_flag & P_SUGID) + return (EPERM); if (uio->uio_rw != UIO_READ) return (EOPNOTSUPP); diff -c procfs_old/procfs_mem.c procfs/procfs_mem.c *** procfs_old/procfs_mem.c Sun Aug 10 15:05:47 1997 --- procfs/procfs_mem.c Sun Aug 10 16:39:01 1997 *************** *** 297,302 **** --- 297,304 ---- { int error; + if(p->p_flag & P_SUGID) + return (EPERM); if (uio->uio_resid == 0) return (0); diff -c procfs_old/procfs_note.c procfs/procfs_note.c *** procfs_old/procfs_note.c Sun Aug 10 15:05:47 1997 --- procfs/procfs_note.c Sun Aug 10 16:36:19 1997 *************** *** 59,64 **** --- 59,66 ---- int error; char note[PROCFS_NOTELEN+1]; + if(p->p_flag & P_SUGID) + return (EPERM); if (uio->uio_rw != UIO_WRITE) return (EINVAL); diff -c procfs_old/procfs_regs.c procfs/procfs_regs.c *** procfs_old/procfs_regs.c Sun Aug 10 15:05:47 1997 --- procfs/procfs_regs.c Sun Aug 10 16:36:39 1997 *************** *** 62,67 **** --- 62,69 ---- char *kv; int kl; + if(p->p_flag & P_SUGID) + return (EPERM); kl = sizeof(r); kv = (char *) &r; diff -c procfs_old/procfs_status.c procfs/procfs_status.c *** procfs_old/procfs_status.c Sun Aug 10 15:05:47 1997 --- procfs/procfs_status.c Sun Aug 10 16:36:55 1997 *************** *** 69,74 **** --- 69,76 ---- int error; char psbuf[256]; /* XXX - conservative */ + if(p->p_flag & P_SUGID) + return (EPERM); if (uio->uio_rw != UIO_READ) return (EOPNOTSUPP); diff -c procfs_old/procfs_type.c procfs/procfs_type.c *** procfs_old/procfs_type.c Sun Aug 10 15:05:47 1997 --- procfs/procfs_type.c Sun Aug 10 16:37:15 1997 *************** *** 65,70 **** --- 65,72 ---- char mebuffer[256]; char *none = "Not Available"; + if(p->p_flag & P_SUGID) + return (EPERM); if (uio->uio_rw != UIO_READ) return (EOPNOTSUPP); Brian Mitchell brian@firehouse.net "BSD code sucks. Of course, everything else sucks far more." - Theo de Raadt (OpenBSD President)