summaryrefslogtreecommitdiffstats
path: root/sbin
diff options
context:
space:
mode:
authorjoerg <joerg@FreeBSD.org>1996-10-13 20:55:45 +0000
committerjoerg <joerg@FreeBSD.org>1996-10-13 20:55:45 +0000
commit14dd70138e60ac6a0d2d9ffed2cca51ffe94ab78 (patch)
tree3768d6fbdcf08456689bbf5a2772380c73e93b3b /sbin
parentf35890901a4ab4f3504147eecc4f8e1e8343dd12 (diff)
downloadFreeBSD-src-14dd70138e60ac6a0d2d9ffed2cca51ffe94ab78.zip
FreeBSD-src-14dd70138e60ac6a0d2d9ffed2cca51ffe94ab78.tar.gz
Yikes! Originally, i intended to apply the patch from PR # 1322,
but Bill has beaten me on this. ;-) However, he missed the part to compute the kernelsize in kilobytes, so the minfree consideration was now overcautious. (I've also changed the return type of dump_size() to void since int was useless.) Being here, the fact that `vmcore' was written world-readable was just a plain security hole: everybody who was able to crash a kernel could later read any confidential information out of it at his will. Create it with umask 077 instead.
Diffstat (limited to 'sbin')
-rw-r--r--sbin/savecore/savecore.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/sbin/savecore/savecore.c b/sbin/savecore/savecore.c
index b86b05b..6e87124 100644
--- a/sbin/savecore/savecore.c
+++ b/sbin/savecore/savecore.c
@@ -119,7 +119,7 @@ int Create __P((char *, int));
int dump_exists __P((void));
char *find_dev __P((dev_t, int));
int get_crashtime __P((void));
-int get_dumpsize __P((void));
+void get_dumpsize __P((void));
void kmem_setup __P((void));
void log __P((int, char *, ...));
void Lseek __P((int, off_t, int));
@@ -332,6 +332,7 @@ save_core()
register FILE *fp;
register int bounds, ifd, nr, nw, ofd;
char *rawp, path[MAXPATHLEN];
+ mode_t oumask;
/*
* Get the current number and update the bounds file. Do the update
@@ -356,6 +357,7 @@ err1: syslog(LOG_WARNING, "%s: %s", path, strerror(errno));
}
/* Create the core file. */
+ oumask = umask(S_IRWXG|S_IRWXO); /* Restrict access to the core file.*/
(void)snprintf(path, sizeof(path), "%s/vmcore.%d%s",
dirname, bounds, compress ? ".Z" : "");
if (compress) {
@@ -365,6 +367,7 @@ err1: syslog(LOG_WARNING, "%s: %s", path, strerror(errno));
}
} else
ofd = Create(path, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
+ (void)umask(oumask);
/* Open the raw device. */
rawp = rawname(ddname);
@@ -526,15 +529,13 @@ get_crashtime()
return (1);
}
-int
+void
get_dumpsize()
{
/* Read the dump size. */
Lseek(dumpfd, (off_t)(dumplo + ok(dump_nl[X_DUMPSIZE].n_value)), L_SET);
(void)Read(dumpfd, &dumpsize, sizeof(dumpsize));
dumpsize *= getpagesize();
-
- return(1);
}
int
@@ -552,7 +553,7 @@ check_space()
syslog(LOG_ERR, "%s: %m", tkernel);
exit(1);
}
- kernelsize = st.st_blocks * S_BLKSIZE;
+ kernelsize = (st.st_blocks * S_BLKSIZE) / 1024;
if (statfs(dirname, &fsbuf) < 0) {
syslog(LOG_ERR, "%s: %m", dirname);
OpenPOWER on IntegriCloud