Subject: Re: kern.showallprocs implementation
To: None <tech-security@NetBSD.org>
From: Rui Paulo <alpha1@freeshell.org>
List: tech-security
Date: 06/26/2004 13:36:02
--x+6KMIRAuhnl3hBn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On 2004.06.26 10:27:29 +0000, Klaus Klein wrote:
> Why isn't this using suser(9)?
I checked the function below, and whoever wrote that code didn't use
suser(9). But it seems suser() is cleaner.
The new diff is attached.

Thanks.

-- 
  "Simplicity is the ultimate 
    sophistication." 
    -- Leonardo da Vinci      


--x+6KMIRAuhnl3hBn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=d3

Index: init_sysctl.c
===================================================================
RCS file: /cvsroot/src/sys/kern/init_sysctl.c,v
retrieving revision 1.24.2.4
diff -u -r1.24.2.4 init_sysctl.c
--- init_sysctl.c	6 May 2004 05:36:49 -0000	1.24.2.4
+++ init_sysctl.c	26 Jun 2004 12:33:41 -0000
@@ -115,6 +115,7 @@
 static int sysctl_kern_maxproc(SYSCTLFN_PROTO);
 static int sysctl_kern_securelevel(SYSCTLFN_PROTO);
 static int sysctl_kern_hostid(SYSCTLFN_PROTO);
+static int sysctl_kern_showallprocs(SYSCTLFN_PROTO);
 static int sysctl_setlen(SYSCTLFN_PROTO);
 static int sysctl_kern_clockrate(SYSCTLFN_PROTO);
 static int sysctl_kern_file(SYSCTLFN_PROTO);
@@ -287,6 +288,13 @@
 		       SYSCTL_DESCR("Maximum number of simultaneous processes"),
 		       sysctl_kern_maxproc, 0, NULL, 0,
 		       CTL_KERN, KERN_MAXPROC, CTL_EOL);
+        sysctl_createv(clog, 0, NULL, NULL,
+	               CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+	               CTLTYPE_INT, "showallprocs",
+	               SYSCTL_DESCR("Whether normal users can list all "
+	                            "processes"),
+		       sysctl_kern_showallprocs, 0, &showallprocs, 0,
+		       CTL_KERN, KERN_SHOWALLPROCS, CTL_EOL);
 	sysctl_createv(clog, 0, NULL, NULL,
 		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
 		       CTLTYPE_INT, "maxfiles",
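Review bot: The added `sysctl_createv(...)` call at the top of this hunk is indented with spaces and mixed space/tab runs, while the neighbouring calls use tabs only. The same applies to `node.sysctl_data = &nshowallprocs;` and the range check in the new helper, and to the comment opener in the process-listing hunk. Re-indent these with tabs to match the rest of the file. The enclosing setup function starts and ends outside the hunk.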
@@ -1047,6 +1055,29 @@
 }
 
 /*
+ * sysctl helper function for kern.showallprocs. allowed values are 0 and 1.
+ */
+static int
+sysctl_kern_showallprocs(SYSCTLFN_ARGS)
+{
+	int error, nshowallprocs;
+	struct sysctlnode node;
+	
+	nshowallprocs = showallprocs;
+	node = *rnode;
+        node.sysctl_data = &nshowallprocs;
+	error = sysctl_lookup(SYSCTLFN_CALL(&node));
+	if (error || newp == NULL)
+		return (error);
+        if (nshowallprocs < 0 || nshowallprocs > 1)
+		return (EINVAL);
+
+	showallprocs = nshowallprocs;
+
+	return (0);
+}
+
+/*
  * sysctl helper routine for kern.securelevel.  ensures that the value
  * only rises unless the caller has pid 1 (assumed to be init).
  */
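Review bot: `sysctl_kern_showallprocs` accepts a write of 1 as readily as a write of 0, so a privileged process can switch the restriction back off at any securelevel. The securelevel helper that follows only lets its value rise. If the knob is meant as a hardening control, consider refusing to relax it once the system is secured, e.g. `if (nshowallprocs > showallprocs && securelevel > 0) return (EPERM);` before the assignment. The header comment should also say what the two values mean, for instance `0 = users see only their own processes, 1 = users see all processes (default)`.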
@@ -1895,6 +1926,17 @@
 		 */
 		if (p->p_stat == SIDL)
 			continue;
+                /*
+	 	 * If kern.showallprocs == 0, then skip processes that don't 
+		 * match the UID of the calling process. Root is allowed to 
+		 * see every process.
+		 */
+		
+		if (!showallprocs && 
+		    suser(l->l_proc->p_ucred, &l->l_proc->p_acflag) &&
+		    p->p_ucred->cr_uid != l->l_proc->p_ucred->cr_uid)
+			continue;
+				
 		/*
 		 * TODO - make more efficient (see notes below).
 		 * do by session.
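Review bot: The new `if (!showallprocs && suser(...) && ...)` test filters only this listing loop, and nothing else in the patch touches other interfaces that report on a process by pid. Any such path (argument or environment lookups, procfs) would still reveal processes the knob is meant to hide, so confirm they apply the same rule. suser(9) is also called once per process here and, as far as I recall, sets ASU in the accounting flags it is handed when it succeeds. Evaluating it once before the loop, e.g. `isroot = (suser(l->l_proc->p_ucred, &l->l_proc->p_acflag) == 0);`, and testing `!isroot` inside would avoid that. The comparison uses the effective UID (`cr_uid`) on both sides, which would hide a user's own set-id processes from them; comparing real UIDs may be closer to the intent. The enclosing function starts and ends outside the hunk.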
Index: kern_sysctl.c
===================================================================
RCS file: /cvsroot/src/sys/kern/kern_sysctl.c,v
retrieving revision 1.169.2.6
diff -u -r1.169.2.6 kern_sysctl.c
--- kern_sysctl.c	14 May 2004 06:18:39 -0000	1.169.2.6
+++ kern_sysctl.c	26 Jun 2004 12:33:41 -0000
@@ -163,6 +163,8 @@
 
 long hostid;
 
+int showallprocs = 1;
+
 #ifdef INSECURE
 int securelevel = -1;
 #else
Index: sysctl.h
===================================================================
RCS file: /cvsroot/src/sys/sys/sysctl.h,v
retrieving revision 1.116.2.8
diff -u -r1.116.2.8 sysctl.h
--- sysctl.h	23 May 2004 10:45:52 -0000	1.116.2.8
+++ sysctl.h	26 Jun 2004 12:34:04 -0000
@@ -268,7 +268,7 @@
 #define	KERN_DRIVERS		75	/* struct: driver names and majors #s */
 #define	KERN_BUF		76	/* struct: buffers */
 #define	KERN_MAXID		77	/* number of valid kern ids */
-
+#define KERN_SHOWALLPROCS       78      /* int: if users can see all procs */
 
 #define	CTL_KERN_NAMES { \
 	{ 0, 0 }, \
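Review bot: `KERN_SHOWALLPROCS` is given the value 78 while `KERN_MAXID` stays at 77, and the comment on `KERN_MAXID` says it is the number of valid kern ids. The new id therefore falls outside the range that any code sized or bounded by `KERN_MAXID` would accept. The new id should take the next free slot and the limit should move up: `#define KERN_SHOWALLPROCS 77` followed by `#define KERN_MAXID 78`. The added define also uses spaces where its neighbours use a tab after `#define`.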
@@ -278,6 +278,7 @@
 	{ "version", CTLTYPE_STRING }, \
 	{ "maxvnodes", CTLTYPE_INT }, \
 	{ "maxproc", CTLTYPE_INT }, \
+	{ "showallprocs", CTLTYPE_INT }, \
 	{ "maxfiles", CTLTYPE_INT }, \
 	{ "argmax", CTLTYPE_INT }, \
 	{ "securelevel", CTLTYPE_INT }, \
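Review bot: Inserting `{ "showallprocs", CTLTYPE_INT }` between "maxproc" and "maxfiles" shifts every later entry of `CTL_KERN_NAMES` by one. The table appears to be positional (it opens with a `{ 0, 0 }` placeholder for id 0), so names from "maxfiles" onward would no longer line up with their `KERN_*` numbers. The entry should instead be appended at the end of the table, at the index that matches `KERN_SHOWALLPROCS`. The rest of the table lies outside the hunk, so the exact position needs checking against the full header.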
Index: systm.h
===================================================================
RCS file: /cvsroot/src/sys/sys/systm.h,v
retrieving revision 1.170
diff -u -r1.170 systm.h
--- systm.h	23 Jan 2004 05:01:19 -0000	1.170
+++ systm.h	26 Jun 2004 12:34:04 -0000
@@ -104,6 +104,8 @@
 extern int maxmem;		/* max memory per process */
 extern int physmem;		/* physical memory */
 
+extern int showallprocs;        /* how users see processes */
+
 extern dev_t dumpdev;		/* dump device */
 extern long dumplo;		/* offset into dumpdev */
 extern int dumpsize;		/* size of dump in pages */

--x+6KMIRAuhnl3hBn--