diff options
author | pjd <pjd@FreeBSD.org> | 2005-06-24 12:05:24 +0000 |
---|---|---|
committer | pjd <pjd@FreeBSD.org> | 2005-06-24 12:05:24 +0000 |
commit | 333a175a133d1236e4f60ca37ece4dfe46364da4 (patch) | |
tree | 1c419ad69888a22cfe048dd22057d5fac15c8ffa /sys/kern/kern_ktrace.c | |
parent | 88361a4b4830dc76951a8cb87b9c04efc8adeaca (diff) | |
download | FreeBSD-src-333a175a133d1236e4f60ca37ece4dfe46364da4.zip FreeBSD-src-333a175a133d1236e4f60ca37ece4dfe46364da4.tar.gz |
Close another information leak in ktrace(2): one was able to find active
process groups outside a jail, etc. by using ktrace(2).
OK'ed by: rwatson
Approved by: re (scottl)
MFC after: 1 week
Diffstat (limited to 'sys/kern/kern_ktrace.c')
-rw-r--r-- | sys/kern/kern_ktrace.c | 18 |
1 files changed, 16 insertions, 2 deletions
diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c index 7b0ac88..850e9b0 100644 --- a/sys/kern/kern_ktrace.c +++ b/sys/kern/kern_ktrace.c @@ -506,7 +506,7 @@ ktrace(td, uap) int facs = uap->facs & ~KTRFAC_ROOT; int ops = KTROP(uap->ops); int descend = uap->ops & KTRFLAG_DESCEND; - int ret = 0; + int nfound, ret = 0; int flags, error = 0; struct nameidata nd; struct ucred *cred; @@ -592,11 +592,25 @@ ktrace(td, uap) * by the proctree_lock rather than pg_mtx. */ PGRP_UNLOCK(pg); - LIST_FOREACH(p, &pg->pg_members, p_pglist) + nfound = 0; + LIST_FOREACH(p, &pg->pg_members, p_pglist) { + PROC_LOCK(p); + if (p_cansee(td, p) != 0) { + PROC_UNLOCK(p); + continue; + } + PROC_UNLOCK(p); + nfound++; if (descend) ret |= ktrsetchildren(td, p, ops, facs, vp); else ret |= ktrops(td, p, ops, facs, vp); + } + if (nfound == 0) { + sx_sunlock(&proctree_lock); + error = ESRCH; + goto done; + } } else { /* * by pid |