From 167a14bcd4260afeb7ee50cb39ec42780cc7116d Mon Sep 17 00:00:00 2001 From: phk Date: Tue, 30 Jun 1998 21:34:14 +0000 Subject: Pick up kernel variables/constants using sysctl rather than through /dev/mem Use /dev/null for opening the kvm library, we don't need access to /dev/mem anymore. ps can now run without the setgid(kmem) bit. If it does it will not be able to show argv/envp for another uid's processes unless you are root. --- bin/ps/nlist.c | 83 +++++----------------------------------------------------- bin/ps/ps.c | 14 +++++++--- 2 files changed, 17 insertions(+), 80 deletions(-) (limited to 'bin/ps') diff --git a/bin/ps/nlist.c b/bin/ps/nlist.c index 46ade5d..47aa6e9 100644 --- a/bin/ps/nlist.c +++ b/bin/ps/nlist.c 
@@ -31,93 +31,24 @@ * SUCH DAMAGE. */ -#ifndef lint -#if 0 -static char sccsid[] = "@(#)nlist.c 8.4 (Berkeley) 4/2/94"; -#endif -static const char rcsid[] = - "$Id$"; -#endif /* not lint */ - -#include #include -#include #include -#include -#include -#include -#include -#include -#include - -#include "ps.h" - -struct nlist psnl[] = { - {"_fscale"}, -#define X_FSCALE 0 - {"_ccpu"}, -#define X_CCPU 1 - {"_avail_start"}, -#define X_AVAILSTART 2 - {"_avail_end"}, -#define X_AVAILEND 3 - {NULL} -}; - fixpt_t ccpu; /* kernel _ccpu variable */ int nlistread; /* if nlist already read. */ int mempages; /* number of pages of phys. memory */ int fscale; /* kernel _fscale variable */ -extern kvm_t *kd; - -#define kread(x, v) \ - kvm_read(kd, psnl[x].n_value, (char *)&v, sizeof v) != sizeof(v) - int donlist() { - int rval; - int tmp; - rval = 0; - nlistread = 1; - if (kvm_nlist(kd, psnl)) { - nlisterr(psnl); - eval = 1; + if (sysctlbyname("kern.ccpu", &ccpu, sizeof ccpu, 0, 0) < 0) return (1); - } - if (kread(X_FSCALE, fscale)) { - warnx("fscale: %s", kvm_geterr(kd)); - eval = rval = 1; - } - if (kread(X_AVAILEND, mempages)) { - warnx("avail_start: %s", kvm_geterr(kd)); - eval = rval = 1; - } - if (kread(X_AVAILSTART, tmp)) { - warnx("avail_end: %s", kvm_geterr(kd)); - eval = rval = 1; - } - mempages -= tmp; - mempages /= PAGE_SIZE; - if (kread(X_CCPU, ccpu)) { - warnx("ccpu: %s", kvm_geterr(kd)); - eval = rval = 1; - } - return (rval); -} - -void -nlisterr(nl) - struct nlist nl[]; -{ - int i; - - (void)fprintf(stderr, "ps: nlist: can't find following symbols:"); - for (i = 0; nl[i].n_name != NULL; i++) - if (nl[i].n_value == 0) - (void)fprintf(stderr, " %s", nl[i].n_name); - (void)fprintf(stderr, "\n"); + if (sysctlbyname("kern.fscale", &fscale, sizeof fscale, 0, 0) < 0) + return (1); + if (sysctlbyname("hw.availpages", &mempages, sizeof mempages, 0, 0) < 0) + return (1); + nlistread = 1; + return (0); } diff --git a/bin/ps/ps.c b/bin/ps/ps.c index 092256a..5bcb03c 100644 
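Review bot: All three `sysctlbyname()` calls in donlist() pass the buffer size by value (`sizeof ccpu`, `sizeof fscale`, `sizeof mempages`) as the third argument, but sysctlbyname(3) declares that parameter as `size_t *oldlenp`, a pointer to the length. As written, a small integer is converted to a pointer, so each call most likely fails with a fault error and leaves the variable unfilled instead of reading the kernel value. Set a `size_t len` to the buffer size before each call and pass `&len`, with `NULL` for the unused new-value pointer. The failure paths also return 1 silently, where the removed code reported each failure through `warnx()`; a `warn("sysctlbyname kern.ccpu")`-style message on each path would keep the failure visible.

```c
int
donlist()
{
	size_t len;

	/* sysctlbyname() takes the buffer length by pointer and updates it. */
	len = sizeof(ccpu);
	if (sysctlbyname("kern.ccpu", &ccpu, &len, NULL, 0) < 0)
		return (1);
	len = sizeof(fscale);
	if (sysctlbyname("kern.fscale", &fscale, &len, NULL, 0) < 0)
		return (1);
	len = sizeof(mempages);
	if (sysctlbyname("hw.availpages", &mempages, &len, NULL, 0) < 0)
		return (1);
	/* … unchanged: nlistread = 1; return (0); … */
```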
--- a/bin/ps/ps.c +++ b/bin/ps/ps.c @@ -42,7 +42,7 @@ static char const copyright[] = static char sccsid[] = "@(#)ps.c 8.4 (Berkeley) 4/2/94"; #endif static const char rcsid[] = - "$Id$"; + "$Id: ps.c,v 1.24 1998/05/15 06:29:17 charnier Exp $"; #endif /* not lint */ #include @@ -121,7 +121,7 @@ main(argc, argv) dev_t ttydev; pid_t pid; uid_t uid; - int all, ch, flag, i, fmt, lineno, nentries; + int all, ch, flag, i, fmt, lineno, nentries, dropgid; int prtheader, wflag, what, xflg; char *nlistf, *memf, *swapf, errbuf[_POSIX2_LINE_MAX]; @@ -142,7 +142,8 @@ main(argc, argv) pid = -1; uid = (uid_t) -1; ttydev = NODEV; - memf = nlistf = swapf = NULL; + dropgid = 0; + memf = nlistf = swapf = _PATH_DEVNULL; while ((ch = getopt(argc, argv, #if defined(LAZY_PS) "aCcefghjLlM:mN:O:o:p:rSTt:U:uvW:wx")) != -1) @@ -182,12 +183,14 @@ main(argc, argv) break; case 'M': memf = optarg; + dropgid = 1; break; case 'm': sortby = SORTMEM; break; case 'N': nlistf = optarg; + dropgid = 1; break; case 'O': parsefmt(o1); @@ -260,6 +263,7 @@ main(argc, argv) break; case 'W': swapf = optarg; + dropgid = 1; break; case 'w': if (wflag) @@ -293,8 +297,10 @@ main(argc, argv) * Discard setgid privileges if not the running kernel so that bad * guys can't print interesting stuff from kernel memory. */ - if (nlistf != NULL || memf != NULL || swapf != NULL) + if (dropgid) { setgid(getgid()); + setuid(getuid()); + } kd = kvm_openfiles(nlistf, memf, swapf, O_RDONLY, errbuf); if (kd == 0) -- cgit v1.1
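Review bot: Neither `setgid(getgid())` nor the added `setuid(getuid())` in the last hunk of main() has its return value checked, so if either call fails ps goes on to `kvm_openfiles()` with the caller-supplied -M/-N/-W paths while still holding the elevated id. The drop should fail closed, for example `if (setgid(getgid()) != 0 || setuid(getuid()) != 0) err(1, "cannot drop privileges");` (this assumes err(3) is already used in this file, which the hunk does not show). The group-before-user order is correct and should be kept, since dropping the uid first can remove the ability to change the gid. The comment above the block still speaks only of "setgid privileges" and should mention the uid now that both are dropped. main() begins and ends outside the hunk.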