Date: Sun, 10 Aug 1997 18:26:15 +0000 (GMT) From: "Jonathan A. Zdziarski" <jonz@netrail.net> To: Brian Mitchell <brian@firehouse.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: procfs patch Message-ID: <Pine.BSF.3.95q.970810182556.5670A-100000@netrail.net> In-Reply-To: <Pine.NEB.3.96.970810165359.205A-100000@apocalypse.saturn.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Uh..how does one apply this patch. It asks 'which file to patch' etc... I'm just typing 'patch < filename' ------------------------------------------------------------------------- Jonathan A. Zdziarski NetRail Incorporated Server Engineering Manager 230 Peachtree St. Suite 500 jonz@netrail.net Atlanta, GA 30303 http://www.netrail.net (888) - NETRAIL ------------------------------------------------------------------------- On Sun, 10 Aug 1997, Brian Mitchell wrote: :Enclosed is a patch that seems to work ok on my system. Extensive testing :has not been done. There's probably a much better way to do this. : :diff -c procfs_old/procfs_ctl.c procfs/procfs_ctl.c :*** procfs_old/procfs_ctl.c Sun Aug 10 15:05:48 1997 :--- procfs/procfs_ctl.c Sun Aug 10 16:37:59 1997 :*************** :*** 121,126 **** :--- 121,129 ---- : { : int error; : :+ /* if we have trace flag set, fail */ :+ if(p->p_flag & P_SUGID) :+ return (EPERM); : /* : * Attach - attaches the target process for debugging : * by the calling process. :diff -c procfs_old/procfs_fpregs.c procfs/procfs_fpregs.c :*** procfs_old/procfs_fpregs.c Sun Aug 10 15:05:47 1997 :--- procfs/procfs_fpregs.c Sun Aug 10 16:38:14 1997 :*************** :*** 62,67 **** :--- 62,69 ---- : char *kv; : int kl; : :+ if(p->p_flag & P_SUGID) :+ return (EPERM); : kl = sizeof(r); : kv = (char *) &r; : :diff -c procfs_old/procfs_map.c procfs/procfs_map.c :*** procfs_old/procfs_map.c Sun Aug 10 15:05:47 1997 :--- procfs/procfs_map.c Sun Aug 10 16:35:41 1997 :*************** :*** 96,101 **** :--- 96,103 ---- : vm_map_entry_t entry; : char mebuffer[MEBUFFERSIZE]; : :+ if(p->p_flag & P_SUGID) :+ return (EPERM); : if (uio->uio_rw != UIO_READ) : return (EOPNOTSUPP); : :diff -c procfs_old/procfs_mem.c procfs/procfs_mem.c :*** procfs_old/procfs_mem.c Sun Aug 10 15:05:47 1997 :--- procfs/procfs_mem.c Sun Aug 10 16:39:01 1997 :*************** :*** 297,302 **** :--- 297,304 ---- : { : int error; : :+ if(p->p_flag & P_SUGID) :+ return (EPERM); : if (uio->uio_resid == 0) : return (0); : :diff -c procfs_old/procfs_note.c procfs/procfs_note.c :*** procfs_old/procfs_note.c Sun Aug 10 15:05:47 1997 :--- procfs/procfs_note.c Sun Aug 10 16:36:19 1997 :*************** :*** 59,64 **** :--- 59,66 ---- : int error; : char note[PROCFS_NOTELEN+1]; : :+ if(p->p_flag & P_SUGID) :+ return (EPERM); : if (uio->uio_rw != UIO_WRITE) : return (EINVAL); : :diff -c procfs_old/procfs_regs.c procfs/procfs_regs.c :*** procfs_old/procfs_regs.c Sun Aug 10 15:05:47 1997 :--- procfs/procfs_regs.c Sun Aug 10 16:36:39 1997 :*************** :*** 62,67 **** :--- 62,69 ---- : char *kv; : int kl; : :+ if(p->p_flag & P_SUGID) :+ return (EPERM); : kl = sizeof(r); : kv = (char *) &r; : :diff -c procfs_old/procfs_status.c procfs/procfs_status.c :*** procfs_old/procfs_status.c Sun Aug 10 15:05:47 1997 :--- procfs/procfs_status.c Sun Aug 10 16:36:55 1997 :*************** :*** 69,74 **** :--- 69,76 ---- : int error; : char psbuf[256]; /* XXX - conservative */ : :+ if(p->p_flag & P_SUGID) :+ return (EPERM); : if (uio->uio_rw != UIO_READ) : return (EOPNOTSUPP); : :diff -c procfs_old/procfs_type.c procfs/procfs_type.c :*** procfs_old/procfs_type.c Sun Aug 10 15:05:47 1997 :--- procfs/procfs_type.c Sun Aug 10 16:37:15 1997 :*************** :*** 65,70 **** :--- 65,72 ---- : char mebuffer[256]; : char *none = "Not Available"; : :+ if(p->p_flag & P_SUGID) :+ return (EPERM); : if (uio->uio_rw != UIO_READ) : return (EOPNOTSUPP); : : : : : :Brian Mitchell brian@firehouse.net :"BSD code sucks. Of course, everything else sucks far more." :- Theo de Raadt (OpenBSD President) : :
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.970810182556.5670A-100000>