Date: Sun, 13 Apr 2014 20:43:29 GMT From: jilles@FreeBSD.org To: frf@xocolatl.com, jilles@FreeBSD.org, freebsd-bugs@FreeBSD.org, jilles@FreeBSD.org Subject: Re: kern/127048: systat(1) information leak when security.bsd.see_other_uids=0 Message-ID: <201404132043.s3DKhT8H007733@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
Synopsis: systat(1) information leak when security.bsd.see_other_uids=0 State-Changed-From-To: open->feedback State-Changed-By: jilles State-Changed-When: Sun Apr 13 20:41:07 UTC 2014 State-Changed-Why: I tested this on stable/9 and head (11.0) and it appears to work properly. Either this was fixed since 7.0 or there is something special about your environment. Make sure that /usr/bin/systat does not have setuid/setgid bits set; if so, it will read from kernel memory and ignore security.bsd.see_other_uids. Can you provide more information? Responsible-Changed-From-To: freebsd-bugs->jilles Responsible-Changed-By: jilles Responsible-Changed-When: Sun Apr 13 20:41:07 UTC 2014 Responsible-Changed-Why: Track replies. http://www.freebsd.org/cgi/query-pr.cgi?pr=127048
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201404132043.s3DKhT8H007733>