Current-Users archive


Re: sysutils/lsof stopped working for non-root user



I'm not subscribed to current-users@, but Martin forwarded me the mail, so
I'm forwarding my answer.

> So is this an expected and intended consequence, a bug, or a still unfinished
> part of the project? Just curious (it runs on FreeBSD-current, latest
> CentOS, NetBSD-8).

It's an undesirable consequence of the fact that we don't leak kernel
pointers to everyone anymore, you now need to be root. FreeBSD still leaks
things, so lsof works on it. OpenBSD does not, and I doubt it works there.

Of course, it would be good to fix it.


-------- Forwarded Message --------
Subject: Re: [ci4ic4%gmail.com@localhost: sysutils/lsof stopped working for non-root user]
Date: Tue, 25 Sep 2018 14:16:03 +0200
From: Maxime Villard <max%m00nbsd.net@localhost>
To: Martin Husemann <martin%duskware.de@localhost>

On 25/09/2018 at 13:19, Martin Husemann wrote:
> Sounds like your kernel pointer changes?

I've checked, and indeed, lsof retrieves kern.proc2 via KVM, and expects to
read kernel memory via p_fd. It doesn't look like there is any solution,
apart from opening a new sysctl that would allow retrieving the file name
without reading kernel memory.

But basically programs like lsof are not to be trusted -- I think it is even
wrong to give them kmem rights.

As far as I can tell, OpenBSD has the same problem, because they too clear
kernel pointers, so I don't see how lsof could work there.

