Date: Fri, 14 Apr 1995 10:49:11 +0200 (MET DST) From: J Wunsch <j@uriah.heep.sax.de> To: seki@sysrap.cs.fujitsu.co.jp (Masahiro SEKIGUCHI) Cc: FreeBSD-BUGs@FreeBSD.org Subject: Re: bug on /bin/ps permission? Message-ID: <199504140849.KAA17434@uriah.heep.sax.de> In-Reply-To: <9504140053.AA10643@seki.sysrap.cs.fujitsu.co.jp> from "Masahiro SEKIGUCHI" at Apr 14, 95 09:53:37 am
next in thread | previous in thread | raw e-mail | index | archive | help
As Masahiro SEKIGUCHI wrote:
>
> I'm not sure this is a bug.
>
> In 950322 SNAP bin, /bin/ps has the following permission/owner/group:
>
> -r-sr-xr-x 1 root bin 143360 Mar 24 09:33 /bin/ps
This is the change that made it:
revision 1.2
date: 1994/08/11 20:06:55; author: wollman; state: Exp; lines: +2 -2
Make `ps' set-uid root so that it can read the same set of arguments
that old `ps'es did. I'm not too thrilled about this, but I'm not
enough of an FS person to hack procfs so that /proc/xxx/mem is readable
by members of group `kmem'. If this is done, then `ps' can go back to
being set-gid kmem.
Unfortunately, it doesn't seem to make a good job, since the remainder
of ps is not aware of its new privileges:
/*
* Discard setgid privileges if not the running kernel so that bad
* guys can't print interesting stuff from kernel memory.
*/
if (nlistf != NULL || memf != NULL || swapf != NULL)
setgid(getgid());
This has been turned into a no-op by the suidness.
--
cheers, J"org
joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/
Never trust an operating system you don't have sources for. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199504140849.KAA17434>