Date: Wed, 21 Feb 2001 02:01:39 +0100 From: Thomas Moestl <tmoestl@gmx.net> To: freebsd-audit@freebsd.org Subject: removing setgid kmem from pstat Message-ID: <20010221020139.A4016@crow.dom2ip.de>
next in thread | raw e-mail | index | archive | help
Hi, I have done yet another set of patches for setgid removal, this time for pstat. This change makes all options of pstat (except -v, see below) work with crash dumps via libkvm calls and with live kernels via sysctl. Note: pstat -v is broken (-v has been disabled for a while), so I did not care about any code needed for this option. Again, some kernel changes were needed. First of all, the kernel tty list as kept in kern/tty.c is used, so the drivers that did not register with this list (with ttyregister or ttymalloc) were changed to do so. Then, the kern.file and kern.ttys sysctls were changed - they now use a struct xfile or a struct xtty respectively that contain a little less information (for paranoia reasons) and are flat structures (previously, pointers were exported). I think there is no place where these where actually used save pstat and libkvm (see below). Because of the format change of the kern.file sysctl, I also had to change kvm_getfiles in libkvm. The output of this is quite different now (a simple array of struct xfile's), because less information is exported via the sysctl. Although I could spot no place where this was actually used, I guess a version number bump is needed. There is also a patch for nfsstat; this removes setgid install in the Makefile, and a comment and a little code no longer needed in the non-setgid case. nfsstat has apparently used sysctls on live kernels for years, and so setgid can be taken away without any real modifications. The new patches are at: - for pstat: http://www.tu-bs.de/~y0015675/pstat.diff - for nfsstat: http://www.tu-bs.de/~y0015675/nfsstat.diff - for libkvm: http://www.tu-bs.de/~y0015675/libkvm2.diff - for the kernel: http://www.tu-bs.de/~y0015675/sysctl6.diff The previously posted patches are at (please note that the iostat and sysctl5 patches have been updated since my last mail): http://www.tu-bs.de/~y0015675/vmstat.diff http://www.tu-bs.de/~y0015675/iostat.diff http://www.tu-bs.de/~y0015675/vinum.diff http://www.tu-bs.de/~y0015675/libdevstat.diff http://www.tu-bs.de/~y0015675/sysctl5.diff http://www.tu-bs.de/~y0015675/sysctl4.diff http://www.tu-bs.de/~y0015675/dmesg.diff http://www.tu-bs.de/~y0015675/sysctl3.diff http://www.tu-bs.de/~y0015675/systat.diff http://www.tu-bs.de/~y0015675/sysctl2.diff http://www.tu-bs.de/~y0015675/top.diff http://www.tu-bs.de/~y0015675/libkvm.diff http://www.tu-bs.de/~y0015675/sysctl.diff It would be nice if people with the respective hardware for the tty drivers I changed (dgb, rp, cy, stallion, rc) could give this patch a try (but please note that the new patches partly depend on the older ones, although this should only affect pstat). The changes are small, and I do not expect much problems. Please review and comment. - thomas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010221020139.A4016>