Date: Tue, 2 Sep 2008 10:17:11 -0700 (PDT) From: Robert Faulds <frf@xocolatl.com> To: FreeBSD-gnats-submit@FreeBSD.org Subject: kern/127048: systat(1) information leak when security.bsd.see_other_uids=0 Message-ID: <200809021717.m82HHBcO098577@sour.xocolatl.com> Resent-Message-ID: <200809021740.m82He4pk072317@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 127048 >Category: kern >Synopsis: systat(1) information leak when security.bsd.see_other_uids=0 >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Sep 02 17:40:03 UTC 2008 >Closed-Date: >Last-Modified: >Originator: Robert Faulds >Release: FreeBSD 7.0-STABLE i386 >Organization: >Environment: System: FreeBSD sour.xocolatl.com 7.0-STABLE FreeBSD 7.0-STABLE #29: Tue Aug 5 05:29:58 PDT 2008 root@sour.xocolatl.com:/usr/obj/usr/src/sys/SOUR i386 >Description: When security.bsd.see_other_uids=0, systat -net displays all network connections. Not just those of the UID running systat. >How-To-Repeat: Set security.bsd.see_other_uids=0 As non-root user, run systat -net and view all sockets. Compare this with netstat as the same user. >Fix: Unknown.... Sorry. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200809021717.m82HHBcO098577>