From: "Andrew N. Below"
Date: Tue, 23 Jan 2007 14:44:01 +0300
Subject: how to deny reading of several sysctls (for a set of uids, f.e.)
Message-ID: <082f01c73ee3$c6b3f810$970da8c0@jam.zenon.net>

Hello.

System - RELENG_6.

The easiest way I found is to patch libc. But in this case we can still get an original library and use LD_PRELOAD.

Is there any way to obtain the uid of the calling process (thread?) within the kernel?

We have the following extern in src/lib/libc/gen/sysctl.c:

[..]
extern int __sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp,
    void *newp, size_t newlen);
[..]

And there is __sysctl (src/sys/kern/kern_sysctl.c):

[..]
/*
 * MPSAFE
 */
int
__sysctl(struct thread *td, struct sysctl_args *uap)
[..]

1. Is this function called from libc sysctl()?
2. What can we get from td here?

My knowledge of the FreeBSD kernel and kernel threads is not yet enough to understand this.

I also thought about passing a control variable from libc to the kernel, but it seems to be a bad idea.

Any other ways?

--
Andrew N. Below