Subject: kern/36661: any users can modify envsys setting
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: None <yamt@mwd.biglobe.ne.jp>
List: netbsd-bugs
Date: 07/17/2007 15:00:00
>Number: 36661
>Category: kern
>Synopsis: any users can modify envsys setting
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Jul 17 15:00:00 +0000 2007
>Originator: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
>Release: NetBSD 4.99.23
>Organization:
>Environment:
Architecture: i386
Machine: i386
>Description:
ENVSYS_SETDICTIONARY can be used without write-access.
/dev/sysmon's mode mask is 644.
>How-To-Repeat:
>Fix:
- make sysmonioctl_envsys check FWRITE for ENVSYS_SETDICTIONARY.
- make envstat(8) use O_RDWR when appropriate.
>Unformatted:
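
Added example, not part of the original report and not NetBSD source: a user-space C model of the gap described above, where a node with mode 644 lets an unprivileged user open it read-only and the set command never checks the descriptor's write flag, shown beside a handler that makes the FWRITE-style check from the first proposed fix. The `M_*` constants, the function names, and the choice of EPERM as the error are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>

/* Constructed stand-ins; values are illustrative, not NetBSD's definitions. */
enum { M_FREAD = 0x1, M_FWRITE = 0x2 };            /* per-open access flags */
enum { M_GETDICTIONARY = 1, M_SETDICTIONARY = 2 }; /* model ioctl commands */

/* Model of open(2) on a node with the given mode: returns the access flags
 * granted to the descriptor, or -EACCES. Only owner/other bits are modelled. */
int model_open(unsigned mode, int is_owner, int want)
{
    unsigned bits = is_owner ? (mode >> 6) & 7 : mode & 7;
    if ((want & M_FREAD) && !(bits & 4)) return -EACCES;
    if ((want & M_FWRITE) && !(bits & 2)) return -EACCES;
    return want;
}

/* Behaviour described in the report: the set command ignores how the
 * descriptor was opened. */
int ioctl_unchecked(int fflag, int cmd)
{
    (void)fflag;
    return (cmd == M_GETDICTIONARY || cmd == M_SETDICTIONARY) ? 0 : ENOTTY;
}

/* Behaviour after the first proposed fix: the state-changing command requires
 * a descriptor opened for writing. EPERM is an assumed choice of errno. */
int ioctl_checked(int fflag, int cmd)
{
    switch (cmd) {
    case M_GETDICTIONARY:
        return 0;
    case M_SETDICTIONARY:
        return (fflag & M_FWRITE) ? 0 : EPERM;
    default:
        return ENOTTY;
    }
}

int main(void)
{
    int ro = model_open(0644, 0, M_FREAD); /* unprivileged user, read-only */
    printf("unchecked set on read-only fd: %d\n", ioctl_unchecked(ro, M_SETDICTIONARY));
    printf("checked set on read-only fd:   %d\n", ioctl_checked(ro, M_SETDICTIONARY));
    return 0;
}
```

With the check in place, a caller that needs to change settings must open the node read-write, which mode 644 only grants to the owner; that is why the second proposed fix has envstat(8) open with write access when it intends to set values.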