netbsd-bugs: kern/34874: /emul/linux/proc/<pid> have wrong permissions

Subject: kern/34874: /emul/linux/proc/ have wrong permissions
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: None <njoly@pasteur.fr>
List: netbsd-bugs
Date: 10/21/2006 21:55:00
>Number:         34874
>Category:       kern
>Synopsis:       /emul/linux/proc/<pid> have wrong permissions
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Oct 21 21:55:00 +0000 2006
>Originator:     Nicolas Joly
>Release:        NetBSD 4.99.3
>Organization:
Institut Pasteur, Paris.
>Environment:
System: NetBSD cixy.dial.pasteur.fr 4.99.3 NetBSD 4.99.3 (CIXY) #25: Sat Oct 21 15:37:16 CEST 2006 njoly@cixy.dial.pasteur.fr:/local/src/NetBSD/obj/i386/sys/arch/i386/compile/CIXY i386
Architecture: i386
Machine: i386
>Description:
I just noted that `/emul/linux/proc/<pid>' have wrong permissions. All
process directories are 500 where they were 555 previously, just like
`/proc' on Linux hosts.

njoly@cixy [~]> ls -l /proc
total 66
dr-x------  2 root     wheel    512 Oct 21 15:38 0
dr-x------  2 root     wheel    512 Oct 21 15:38 1
dr-x------  2 root     wheel    512 Oct 21 15:38 10
dr-x------  2 njoly    users    512 Oct 21 15:38 1000
dr-x------  2 njoly    users    512 Oct 21 15:38 10343
dr-x------  2 root     wheel    512 Oct 21 15:38 1043
dr-x------  2 njoly    users    512 Oct 21 15:38 10840
dr-x------  2 njoly    users    512 Oct 21 15:38 109
dr-x------  2 root     wheel    512 Oct 21 15:38 11
[...]

This small change was introduced in sys/miscfs/procfs/procfs_subr.c
rev. 1.52, when `/proc/<pid>/fd' permissions were changed from mode 555
to 500.

I noticed too, that `/emul/linux/proc/<pid>' permissions are not always
honored ... like in the example below. According to the directory mode,
files like status should not be accessed.

njoly@cixy [~]> ls -ld /emul/linux/proc/1
dr-x------  2 root  wheel  512 Oct 21 22:29 /emul/linux/proc/1
njoly@cixy [~]> cd /emul/linux/proc/1
cd: permission denied: /emul/linux/proc/1
njoly@cixy [~]> ls -l /emul/linux/proc/1
ls: 1: Permission denied
njoly@cixy [~]> ls -l /emul/linux/proc/1/status
-r--r--r--  1 root  wheel  0 Oct 21 22:31 /emul/linux/proc/1/status
njoly@cixy [~]> cat /emul/linux/proc/1/status
init 1 0 1 1 -1,-1 sldr 1152708166,3 0,527988 2,476083 wait 0 0

>How-To-Repeat:
mount_procfs -o linux /proc /emul/linux/proc
ls -l /emul/linux/proc/1
>Fix:
The following patch restore the 555 mode for `/emul/linux/proc/<pid>'
directories.

Index: procfs_subr.c
===================================================================
RCS file: /cvsroot/src/sys/miscfs/procfs/procfs_subr.c,v
retrieving revision 1.69
diff -u -r1.69 procfs_subr.c
--- procfs_subr.c	20 Sep 2006 08:09:05 -0000	1.69
+++ procfs_subr.c	21 Oct 2006 13:35:55 -0000
@@ -167,6 +167,11 @@
 		vp->v_flag = VROOT;
 		break;
 
+	case PFSproc:	/* /proc/N = dr-xr-xr-x */
+		pfs->pfs_mode = S_IRUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH;
+		vp->v_type = VDIR;
+		break;
+
 	case PFScurproc:	/* /proc/curproc = lr-xr-xr-x */
 	case PFSself:	/* /proc/self    = lr-xr-xr-x */
 	case PFScwd:	/* /proc/N/cwd = lr-xr-xr-x */
@@ -175,7 +180,6 @@
 		vp->v_type = VLNK;
 		break;
 
-	case PFSproc:	/* /proc/N = dr-xr-xr-x */
 	case PFSfd:
 		if (fd == -1) {	/* /proc/N/fd = dr-xr-xr-x */
 			pfs->pfs_mode = S_IRUSR|S_IXUSR;