Re: sysutils/lsof stopped working for non-root user

[Maxime Villard <max%m00nbsd.net@localhost>]

I'm not subscribed to current-users@, but Martin forwarded me the mail, so
I'm forwarding my answer.

> So is this expected and intended consequence, bug or still unfinished
> part of the project? Just curious (it runs on FreeBSD-current, latest
> CentOS, NetBSD-8).

It's an undesirable consequence of the fact that we don't leak kernel
pointers to everyone anymore, you now need to be root. FreeBSD still leaks
things, so lsof works on it. OpenBSD does not, and I doubt it works there.

Of course, it would be good to fix it.


-------- Message transféré --------
Sujet : Re: [ci4ic4%gmail.com@localhost: sysutils/lsof stopped working for non-root user]
Date : Tue, 25 Sep 2018 14:16:03 +0200
De : Maxime Villard <max%m00nbsd.net@localhost>
Pour : Martin Husemann <martin%duskware.de@localhost>

Le 25/09/2018 à 13:19, Martin Husemann a écrit :
> Sounds like your kernel pointer changes?

I've checked, and indeed, lsof retrieves kern.proc2 via KVM, and expects to
read kernel memory via p_fd. It doesn't look like there is any solution,
apart from opening a new sysctl, that would allow to retrieve the file name
without reading kernel memory.

But basically programs like lsof are not to be trusted -- I think it is even
wrong to give them kmem rights.

As far as I can tell, OpenBSD has the same problem, because they too clear
kernel pointers, so I don't see how lsof could work there.