Date: Sat, 24 Feb 2001 14:52:16 -0500 (EST) From: Robert Watson <rwatson@FreeBSD.org> To: freebsd-hackers@FreeBSD.org Subject: patches to remove setgid kmem from systat (fwd) Message-ID: <Pine.NEB.3.96L.1010224143234.85229B-100000@fledge.watson.org>
next in thread | raw e-mail | index | archive | help
I'm preparing to commit these changes in the next few days; when committing the last set of changes to top, there were some comments about sysctl namespace allocation, and so I'm looking for a bit more code review this time around since I'm not sure it got all the coverage it needed (other than security checks) on freebsd-audit. My current plan is to commit this on Wednesday. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services ---------- Forwarded message ---------- Date: Wed, 7 Feb 2001 01:25:20 +0100 From: Thomas Moestl <tmoestl@gmx.net> To: freebsd-audit@freebsd.org Subject: patches to remove setgid kmem from systat Hi, here is a second set of patches (partly dependent on those previously posted for top), this time to remove setgid kmem from systat. Most data needed for systat -vmstat was already exported; I needed to add three sysctls, hw.nintr, hw.intrnames and hw.intrcnt. Those export the number of interrups, a list of zero-terminated interrupt names and a list if interrupt counters. I did not split the lists into various sysctls because I wanted to keep the old structures in the kernel (other programs might still use it), and doing it with the existing structures would be kind of a hassle. I think that is OK, though. For this, I had to add an include file for i386 and change one for alpha and ia64; I do not expect problems, but it would be good if someone could do a test-compile on one of these archs. systat -netstat uses only information that is currently exported via sysctl. For a large number of sockets, the new code might be slow, so the kvm code is still used if we have the privileges to access the relevant devices. For normal use, I think it is OK to remove setgid. The new patches are at: - for systat: http://www.tu-bs.de/~y0015675/systat.diff - for the kernel: http://www.tu-bs.de/~y0015675/sysctl2.diff The top changes are at: - for top: http://www.tu-bs.de/~y0015675/top.diff - for libkvm: http://www.tu-bs.de/~y0015675/libkvm.diff - for the kernel: http://www.tu-bs.de/~y0015675/sysctl.diff (those have been updated since my last post to remove some compile-time warnings, most of which weren't my fault ;-) Could these patches please reviewed and committed if OK? - thomas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1010224143234.85229B-100000>