From owner-freebsd-hackers Sat Jul 1 10:42:58 1995 Return-Path: hackers-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id KAA26587 for hackers-outgoing; Sat, 1 Jul 1995 10:42:58 -0700 Received: from mail.cs.tu-berlin.de (root@mail.cs.tu-berlin.de [130.149.17.13]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id KAA26575 for ; Sat, 1 Jul 1995 10:42:55 -0700 Received: from caramba.cs.tu-berlin.de (wosch@caramba.cs.tu-berlin.de [130.149.144.4]) by mail.cs.tu-berlin.de (8.6.12/8.6.12) with ESMTP id TAA14259; Sat, 1 Jul 1995 19:41:39 +0200 From: Wolfram Schneider Received: (wosch@localhost) by caramba.cs.tu-berlin.de (8.6.12/8.6.9) id TAA16016; Sat, 1 Jul 1995 19:41:35 +0200 Date: Sat, 1 Jul 1995 19:41:35 +0200 Message-Id: <199507011741.TAA16016@caramba.cs.tu-berlin.de> To: hackers@freebsd.org CC: joerg@sax.de Subject: Real UID in procfs MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Sender: hackers-owner@freebsd.org Precedence: bulk A one line hack for implementation of real uid in procfs(5). Conflicts: all scripts/programs which read /procfs/*/status (I know only killall(1)) Patched /sys/miscfs/procfs/procfs_status.c and killall/killall.{1,pl} Wolfram --- 1.1 1995/07/01 14:57:47 +++ /sys/miscfs/procfs/procfs_status.c 1995/07/01 15:57:01 @@ -79,7 +79,10 @@ sid = sess->s_leader ? sess->s_leader->p_pid : 0; /* comm pid ppid pgid sid maj,min ctty,sldr start ut st wmsg uid groups ... */ - +/* ifdef PROCFS_RUID +comm pid ppid pgid sid maj,min ctty,sldr start ut st wmsg euid ruid groups ... + endif +*/ ps = psbuf; bcopy(p->p_comm, ps, MAXCOMLEN); ps[MAXCOMLEN] = '\0'; @@ -126,7 +129,13 @@ cr = p->p_ucred; +#if (!defined PROCFS_RUID) ps += sprintf(ps, " %ld %ld", cr->cr_uid, cr->cr_gid); +#else /* have ruid */ + ps += sprintf(ps, " %ld %ld %ld", + cr->cr_uid, p->p_cred->p_ruid, cr->cr_gid); +#endif /* PROCFS_RUID */ + for (i = 0; i < cr->cr_ngroups; i++) ps += sprintf(ps, ",%ld", cr->cr_groups[i]); ps += sprintf(ps, "\n"); --- 1.1 1995/07/01 15:52:44 +++ killall/killall.pl 1995/07/01 17:10:38 @@ -43,8 +43,12 @@ $match = 0; # 0 match exactly program name $show = 0; -$PROC_NAME = 0 + $[; -$PROC_EUID = 11 + $[; +# see /sys/*/procfs/procfs_status.c +# comm pid ppid pgid sid maj,min ctty,sldr start ut st wmsg \ +# euid ruid groups ... +$PROC_NAME = 0; +$PROC_EUID = 11; +$PROC_RUID = 12; sub usage { $! = 2; @@ -66,6 +70,7 @@ die "Maybe $procfs is not mounted\n" unless -e "$procfs/0/status"; opendir(PROCFS, "$procfs") || die "$procfs $!\n"; +print " PID EUID RUID COMMAND\n" if $debug > 1; foreach (sort{$a <=> $b} grep(/^[0-9]/, readdir(PROCFS))) { $status = "$procfs/$_/status"; @@ -76,13 +81,21 @@ open(STATUS, "$status") || next; # process maybe already terminated while() { @proc = split; - printf "%5d $proc[$PROC_NAME] $proc[$PROC_EUID]\n", $pid + + # real uid implemented? + $proc[$PROC_RUID] = 99999 if $proc[$PROC_RUID] !~ /^[0-9]+$/; + + printf "%5d %5d %5d %s\n", $pid, $proc[$PROC_EUID], $proc[$PROC_RUID], + $proc[$PROC_NAME] if $debug > 1; - if (($proc[$PROC_NAME] eq $program || + if (($proc[$PROC_NAME] eq $program || # test program name ($match && $proc[$PROC_NAME] =~ /$program/i) - ) && # test program name - ($proc[$PROC_EUID] eq $< || $< == 0)) { # test uid + ) && + ($proc[$PROC_EUID] == $< || # test effective uid + $proc[$PROC_RUID] == $< || # test real uid + $< == 0)) # root + { push(@kill, "$pid"); } } --- 1.1 1995/07/01 15:52:44 +++ killall/killall.1 1995/07/01 16:48:35 @@ -63,7 +63,8 @@ printed, or a message indicating that no matching processes have been found. If the option .Fl d -has been specified at least twice, the effective UID, PID, and name +has been specified at least twice, the PID, effective UID, real +UID, and name of all processes found in .Xr procfs 5 will be listed in addition. @@ -107,6 +108,7 @@ options. .Sh SEE ALSO .Xr kill 1 , +.Xr ps 1 , .Xr perl 1 , .Xr procfs 5 . .Sh HISTORY @@ -120,8 +122,12 @@ page has been written by .if n Joerg Wunsch. .if t J\(:org Wunsch. + + .Sh BUGS -Due to limitations in the current implementation of +The following bug is obsolete since FreeBSD 2.2 . + +Due to limitations in the implementation of .Xr procfs 5 , it is only possible to figure out the effective UID of a process. Hence it is impossible to find processes that run setuid, thus a