NetBSD-Bugs archive


kern/45037: Content of net.bpf.peers is available to non-root via fstat(1)



>Number:         45037
>Category:       kern
>Synopsis:       Content of net.bpf.peers is available to non-root via fstat(1)
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jun 09 23:25:00 +0000 2011
>Originator:     Alexander Nasonov
>Release:        5.99.52 amd64
>Organization:
home sweet home
>Environment:
NetBSD nebeda.localdomain 5.99.52 NetBSD 5.99.52 (GENERIC) #0: Wed Jun  8 23:47:33 BST 2011  root@nebeda.localdomain:/home/alnsn/src/netbsd-current/src/sys/arch/amd64/compile/obj/GENERIC amd64

>Description:
net.bpf.peers is available only to root, but some content
is available to non-root via the fstat(1) command.
>How-To-Repeat:
[screen pts/2] id nobody
uid=32767(nobody) gid=39(nobody) groups=39(nobody)

[screen pts/2] sudo -u nobody netstat -B
netstat: sysctl: net.bpf.peers: Operation not permitted

[screen pts/2] sudo -u root netstat -B
Active BPF peers
PID     Int     Recv     Drop     Capt     Flags  Bufsize  Comm
25908   nfe0    584      0        108      IP-SH  524288   tcpdump

[screen pts/2] sudo -u nobody fstat|grep bpf
_tcpdump tcpdump    25908    5* bpf rec=613, dr=0, cap=116, pid=25908, promisc, seesent, idle

>Fix:
not known
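
Added example, not part of the original report: a small Python check that parses the two outputs quoted under How-To-Repeat and lists which columns of the root-only `netstat -B` table also appear in the `fstat` line obtained as nobody. The key-to-column mapping and all function names are assumptions made for this example.

```python
import re

# Both samples are the output quoted in the report (wrapped fstat line rejoined).
NETSTAT_B_ROOT = """\
Active BPF peers
PID     Int     Recv     Drop     Capt     Flags  Bufsize  Comm
25908   nfe0    584      0        108      IP-SH  524288   tcpdump
"""
FSTAT_NOBODY = (
    "_tcpdump tcpdump    25908    5* bpf rec=613, dr=0, cap=116, "
    "pid=25908, promisc, seesent, idle\n"
)

# Assumption: these fstat keys carry the same counters as the netstat -B columns.
FSTAT_KEY_TO_COLUMN = {"rec": "Recv", "dr": "Drop", "cap": "Capt", "pid": "PID"}
FSTAT_BPF_LINE = re.compile(r"^(\S+)\s+(\S+)\s+(\d+)\s+\S+\s+bpf\s+(.*)$")


def parse_netstat_b(text):
    """Return one dict per peer row, keyed by the netstat -B column names."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    header = next(i for i, ln in enumerate(lines) if ln.split()[0] == "PID")
    columns = lines[header].split()
    return [dict(zip(columns, ln.split())) for ln in lines[header + 1:]]


def parse_fstat_bpf(text):
    """Return one dict per bpf descriptor line in fstat output."""
    peers = []
    for line in text.splitlines():
        m = FSTAT_BPF_LINE.match(line)
        if not m:
            continue
        peer = {"Comm": m.group(2), "state": []}  # second fstat field is CMD
        for item in (part.strip() for part in m.group(4).split(",")):
            if "=" in item:
                key, value = item.split("=", 1)
                peer[FSTAT_KEY_TO_COLUMN.get(key, key)] = value
            elif item:
                peer["state"].append(item)  # bare words such as "promisc"
        peers.append(peer)
    return peers


def exposed_columns(root_rows, fstat_peers):
    """Per PID, the root-only columns that the fstat output also carries.
    Presence is compared, not values: the counters move between the two runs."""
    by_pid = {p["PID"]: p for p in fstat_peers if "PID" in p}
    return {row["PID"]: sorted(c for c in row if c in by_pid.get(row["PID"], {}))
            for row in root_rows}
```

For the report's sample, the Int and Bufsize columns have no counterpart in the fstat line; the Flags letters are not mapped to fstat's state words here.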


