netbsd-bugs: Re: kern/35226: Problems with permissions in /usr/pkg/emul/linux/proc

Subject: Re: kern/35226: Problems with permissions in /usr/pkg/emul/linux/proc
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: Elad Efrat <elad@NetBSD.org>
List: netbsd-bugs
Date: 12/24/2006 14:45:02

The following reply was made to PR kern/35226; it has been noted by GNATS.

From: Elad Efrat <elad@NetBSD.org>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: kern/35226: Problems with permissions in /usr/pkg/emul/linux/proc
 .
Date: Sun, 24 Dec 2006 16:40:28 +0200

 This is a multi-part message in MIME format.
 --------------040409020001060303040703
 Content-Type: text/plain; charset=ISO-8859-1
 Content-Transfer-Encoding: 7bit
 
 see attached diff.
 
 -e.
 
 Elad Efrat wrote:
 
 >  that's a known issue that I already have a fix for. I'm not sure what
 >  kind of semantics we want to have in procfs (ie., exclude cpuinfo from
 >  the kauth check, or do that depending on uio_rw, or put it in the
 >  secmodel) so I'm holding it for now.
 
 
 --------------040409020001060303040703
 Content-Type: text/plain;
  name="pr35226.diff"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline;
  filename="pr35226.diff"
 
 Index: procfs_subr.c
 ===================================================================
 RCS file: /usr/cvs/src/sys/miscfs/procfs/procfs_subr.c,v
 retrieving revision 1.73
 diff -u -p -r1.73 procfs_subr.c
 --- procfs_subr.c	28 Nov 2006 17:27:09 -0000	1.73
 +++ procfs_subr.c	23 Dec 2006 13:14:17 -0000
 @@ -324,10 +324,26 @@ procfs_rw(v)
  	 */
  #define	M2K(m)	((m) == UIO_READ ? KAUTH_REQ_PROCESS_CANPROCFS_READ : \
  		 KAUTH_REQ_PROCESS_CANPROCFS_WRITE)
 -	error = kauth_authorize_process(curl->l_cred, KAUTH_PROCESS_CANPROCFS,
 -	    p, pfs, KAUTH_ARG(M2K(uio->uio_rw)), NULL);
 -	if (error)
 -		return (error);
 +	switch (pfs->pfs_type) {
 +	case PFScpuinfo:
 +	case PFSdevices:
 +	case PFSmeminfo:
 +	case PFSmounts:
 +	case PFSuptime:
 +		/*
 +		 * XXX These are Linux emulation nodes. I think because they
 +		 * XXX are all read-only, it's okay to make an exception for
 +		 * XXX them here instead of the secmodel code.
 +		 */
 +		break;
 +	default:
 +		error = kauth_authorize_process(curl->l_cred,
 +		    KAUTH_PROCESS_CANPROCFS, p, pfs,
 +		    KAUTH_ARG(M2K(uio->uio_rw)), NULL);
 +		if (error)
 +			return (error);
 +		break;
 +	}
  #undef	M2K
  
  	/* XXX NJWLWP
 
 --------------040409020001060303040703--