diff options
| -rw-r--r-- | sys/kern/kern_proc.c | 4 | ||||
| -rw-r--r-- | sys/kern/kern_prot.c | 14 | ||||
| -rw-r--r-- | sys/kern/uipc_socket.c | 19 | ||||
| -rw-r--r-- | sys/kern/uipc_usrreq.c | 16 | ||||
| -rw-r--r-- | sys/netinet/raw_ip.c | 4 | ||||
| -rw-r--r-- | sys/netinet/tcp_subr.c | 6 | ||||
| -rw-r--r-- | sys/netinet/tcp_timewait.c | 6 | ||||
| -rw-r--r-- | sys/netinet/udp_usrreq.c | 6 |
8 files changed, 26 insertions, 49 deletions
diff --git a/sys/kern/kern_proc.c b/sys/kern/kern_proc.c index 5b0e960..6647f73 100644 --- a/sys/kern/kern_proc.c +++ b/sys/kern/kern_proc.c @@ -59,10 +59,6 @@ MALLOC_DEFINE(M_SESSION, "session", "session header"); static MALLOC_DEFINE(M_PROC, "proc", "Proc structures"); MALLOC_DEFINE(M_SUBPROC, "subproc", "Proc sub-structures"); -int ps_showallprocs = 1; -SYSCTL_INT(_kern, OID_AUTO, ps_showallprocs, CTLFLAG_RW, - &ps_showallprocs, 0, ""); - static void pgdelete __P((struct pgrp *)); static void orphanpg __P((struct pgrp *pg)); diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index bc42d54..bc718e4 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -1299,7 +1299,6 @@ suser_xxx(cred, proc, flag) return (0); } - /* * Test (local, globale) securelevel values against passed required * securelevel. _gt implements (level > securelevel), and _ge implements @@ -1357,6 +1356,16 @@ securelevel_ge(struct ucred *cr, int level) } } +/* + * kern_security_seeotheruids_permitted determines whether or not visibility + * of processes and sockets with credentials holding different real uid's + * is possible using a variety of system MIBs. + */ +static int kern_security_seeotheruids_permitted = 1; +SYSCTL_INT(_kern_security, OID_AUTO, seeotheruids_permitted, + CTLFLAG_RW, &kern_security_seeotheruids_permitted, 0, + "Unprivileged processes may see subjects/objects with different real uid"); + /*- * Determine if u1 "can see" the subject specified by u2. * Returns: 0 for permitted, an errno value otherwise @@ -1372,7 +1381,8 @@ cr_cansee(struct ucred *u1, struct ucred *u2) if ((error = prison_check(u1, u2))) return (error); - if (!ps_showallprocs && u1->cr_ruid != u2->cr_ruid) { + if (!kern_security_seeotheruids_permitted && + u1->cr_ruid != u2->cr_ruid) { if (suser_xxx(u1, NULL, PRISON_ROOT) != 0) return (ESRCH); } diff --git a/sys/kern/uipc_socket.c b/sys/kern/uipc_socket.c index 94b6b00..65ef837 100644 --- a/sys/kern/uipc_socket.c +++ b/sys/kern/uipc_socket.c @@ -92,10 +92,6 @@ static int somaxconn = SOMAXCONN; SYSCTL_INT(_kern_ipc, KIPC_SOMAXCONN, somaxconn, CTLFLAG_RW, &somaxconn, 0, "Maximum pending socket connection queue size"); -int showallsockets = 1; -SYSCTL_INT(_kern_ipc, OID_AUTO, showallsockets, CTLFLAG_RW, &showallsockets, - 0, "show users all other users pcb data"); - /* * Socket operation routines. * These routines are called by the routines in @@ -1659,18 +1655,3 @@ socheckuid(struct socket *so, uid_t uid) return (0); return (EPERM); } - -int -socheckproc(struct socket *so, struct proc *p) -{ - - if (p == NULL) - return (ESRCH); - if (socheckuid(so, p->p_ucred->cr_ruid) == 0) - return (0); - if (socheckuid(so, p->p_ucred->cr_uid) == 0) - return (0); - if (!suser_xxx(0, p, PRISON_ROOT)) - return (0); - return (EPERM); -} diff --git a/sys/kern/uipc_usrreq.c b/sys/kern/uipc_usrreq.c index 747dbe2..12af404 100644 --- a/sys/kern/uipc_usrreq.c +++ b/sys/kern/uipc_usrreq.c @@ -803,16 +803,6 @@ unp_abort(unp) #endif static int -prison_unpcb(struct proc *p, struct unpcb *unp) -{ - if (!jailed(p->p_ucred)) - return (0); - if (p->p_fd->fd_rdir == unp->unp_rvnode) - return (0); - return (1); -} - -static int unp_pcblist(SYSCTL_HANDLER_ARGS) { int error, i, n; @@ -859,9 +849,9 @@ unp_pcblist(SYSCTL_HANDLER_ARGS) for (unp = LIST_FIRST(head), i = 0; unp && i < n; unp = LIST_NEXT(unp, unp_link)) { - if (unp->unp_gencnt <= gencnt && !prison_unpcb(req->p, unp)) { - if (!showallsockets && socheckproc(unp->unp_socket, - curthread->td_proc)) + if (unp->unp_gencnt <= gencnt) { + if (cr_cansee(req->p->p_ucred, + unp->unp_socket->so_cred)) continue; unp_list[i++] = unp; } diff --git a/sys/netinet/raw_ip.c b/sys/netinet/raw_ip.c index 64c836e..1bad6dd 100644 --- a/sys/netinet/raw_ip.c +++ b/sys/netinet/raw_ip.c @@ -630,8 +630,8 @@ rip_pcblist(SYSCTL_HANDLER_ARGS) for (inp = LIST_FIRST(ripcbinfo.listhead), i = 0; inp && i < n; inp = LIST_NEXT(inp, inp_list)) { if (inp->inp_gencnt <= gencnt) { - if (!showallsockets && socheckproc(inp->inp_socket, - curthread->td_proc)) + if (cr_cansee(req->p->p_ucred, + inp->inp_socket->so_cred)) continue; inp_list[i++] = inp; } diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c index 32b3079..99916c6 100644 --- a/sys/netinet/tcp_subr.c +++ b/sys/netinet/tcp_subr.c @@ -854,9 +854,9 @@ tcp_pcblist(SYSCTL_HANDLER_ARGS) s = splnet(); for (inp = LIST_FIRST(tcbinfo.listhead), i = 0; inp && i < n; inp = LIST_NEXT(inp, inp_list)) { - if (inp->inp_gencnt <= gencnt && !prison_xinpcb(req->p, inp)) { - if (!showallsockets && socheckproc(inp->inp_socket, - curthread->td_proc)) + if (inp->inp_gencnt <= gencnt) { + if (cr_cansee(req->p->p_ucred, + inp->inp_socket->so_cred)) continue; inp_list[i++] = inp; } diff --git a/sys/netinet/tcp_timewait.c b/sys/netinet/tcp_timewait.c index 32b3079..99916c6 100644 --- a/sys/netinet/tcp_timewait.c +++ b/sys/netinet/tcp_timewait.c @@ -854,9 +854,9 @@ tcp_pcblist(SYSCTL_HANDLER_ARGS) s = splnet(); for (inp = LIST_FIRST(tcbinfo.listhead), i = 0; inp && i < n; inp = LIST_NEXT(inp, inp_list)) { - if (inp->inp_gencnt <= gencnt && !prison_xinpcb(req->p, inp)) { - if (!showallsockets && socheckproc(inp->inp_socket, - curthread->td_proc)) + if (inp->inp_gencnt <= gencnt) { + if (cr_cansee(req->p->p_ucred, + inp->inp_socket->so_cred)) continue; inp_list[i++] = inp; } diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index e933064..463f8b3 100644 --- a/sys/netinet/udp_usrreq.c +++ b/sys/netinet/udp_usrreq.c @@ -579,9 +579,9 @@ udp_pcblist(SYSCTL_HANDLER_ARGS) s = splnet(); for (inp = LIST_FIRST(udbinfo.listhead), i = 0; inp && i < n; inp = LIST_NEXT(inp, inp_list)) { - if (inp->inp_gencnt <= gencnt && !prison_xinpcb(req->p, inp)) { - if (!showallsockets && socheckproc(inp->inp_socket, - curthread->td_proc)) + if (inp->inp_gencnt <= gencnt) { + if (cr_cansee(req->p->p_ucred, + inp->inp_socket->so_cred)) continue; inp_list[i++] = inp; } |
