diff options
author | pjd <pjd@FreeBSD.org> | 2008-03-16 17:55:06 +0000 |
---|---|---|
committer | pjd <pjd@FreeBSD.org> | 2008-03-16 17:55:06 +0000 |
commit | d61d590ad7fc8b12ce6706eb44b2591def26f29c (patch) | |
tree | c401392c342d54527a84d5414d29d78cf92ce139 /sys/kern/kern_resource.c | |
parent | 2c03b45538040c4ab0266f2cfa5d8cf47346d65e (diff) | |
download | FreeBSD-src-d61d590ad7fc8b12ce6706eb44b2591def26f29c.zip FreeBSD-src-d61d590ad7fc8b12ce6706eb44b2591def26f29c.tar.gz |
Fix information leak. We can find PIDs of running processes from within
a jail, etc. by simply calling setpriority(PRIO_PROCESS, <PID>, 0) and
checking the return value: 0 means that the process exists and -1 that
it doesn't exist.
Reviewed by: rwatson
MFC after: 1 week
Diffstat (limited to 'sys/kern/kern_resource.c')
-rw-r--r-- | sys/kern/kern_resource.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/kern/kern_resource.c b/sys/kern/kern_resource.c index b2b1daf..7c88227 100644 --- a/sys/kern/kern_resource.c +++ b/sys/kern/kern_resource.c @@ -191,7 +191,8 @@ setpriority(td, uap) p = pfind(uap->who); if (p == 0) break; - if (p_cansee(td, p) == 0) + error = p_cansee(td, p); + if (error == 0) error = donice(td, p, uap->prio); PROC_UNLOCK(p); } |