Source-Changes-HG archive


[src/netbsd-1-4]: src/sys/miscfs/procfs Pull up revision 1.30 (requested by he):



details:   https://anonhg.NetBSD.org/src/rev/36e40de41da5
branches:  netbsd-1-4
changeset: 471322:36e40de41da5
user:      he <he%NetBSD.org@localhost>
date:      Mon Jan 14 15:20:24 2002 +0000

description:
Pull up revision 1.30 (requested by he):
  Fix a ptrace/execve race condition which could be used to modify
  the child process' image during execve.  This would be a security
  issue due to setuid programs.

diffstat:

 sys/miscfs/procfs/procfs_mem.c |  19 ++++++++++++-------
 1 files changed, 12 insertions(+), 7 deletions(-)

diffs (49 lines):

diff -r ca0c4d607b5d -r 36e40de41da5 sys/miscfs/procfs/procfs_mem.c
--- a/sys/miscfs/procfs/procfs_mem.c    Mon Jan 14 15:20:07 2002 +0000
+++ b/sys/miscfs/procfs/procfs_mem.c    Mon Jan 14 15:20:24 2002 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: procfs_mem.c,v 1.23 1999/03/25 04:45:57 sommerfe Exp $ */
+/*     $NetBSD: procfs_mem.c,v 1.23.2.1 2002/01/14 15:20:24 he Exp $   */
 
 /*
  * Copyright (c) 1993 Jan-Simon Pendry
@@ -140,7 +140,13 @@
        /*
         * You cannot attach to a processes mem/regs if:
         *
-        *      (1) it's not owned by you, or is set-id on exec
+        *      (1) It is currently exec'ing
+        */
+       if (ISSET(t->p_flag, P_INEXEC))
+               return (EAGAIN);
+
+       /*
+        *      (2) it's not owned by you, or is set-id on exec
         *          (unless you're root), or...
         */
        if ((t->p_cred->p_ruid != p->p_cred->p_ruid ||
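Review bot: The new `if (ISSET(t->p_flag, P_INEXEC)) return (EAGAIN);` is a point-in-time test, so it closes the race only if the target cannot enter exec between this permission check and the memory or register access that relies on it. The hunk does not show whether the exec path and the procfs I/O path are serialized against each other; that should be confirmed, or the flag re-tested where the I/O is actually performed. The comment should also say why the check comes first, for example `(1) It is currently exec'ing: its credentials and image are in transition, so the ownership and set-id test below could pass on stale state`. Returning EAGAIN means callers see a transient failure rather than EPERM, which is worth stating in the same comment. The enclosing function begins before and continues past this hunk, so the locking context is not visible here.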
@@ -149,7 +155,7 @@
                return (error);
 
        /*
-        *      (2) ...it's init, which controls the security level
+        *      (3) ...it's init, which controls the security level
         *          of the entire system, and the system was not
         *          compiled with permanetly insecure mode turned on.
         */
@@ -157,12 +163,11 @@
                return (EPERM);
 
        /*
-        * (3) the tracer is chrooted, and its root directory is
-        * not at or above the root directory of the tracee
+        *      (4) the tracer is chrooted, and its root directory is
+        *          not at or above the root directory of the tracee
         */
-
        if (!proc_isunder(t, p))
-               return EPERM;
+               return (EPERM);
        
        return (0);
 }


