From nobody Sun Apr 20 18:19:05 2025
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Date: Sun, 20 Apr 2025 18:19:05 GMT
Message-Id: <202504201819.53KIJ5Go093061@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: Kyle Evans Subject: git: 49f31b5e0ca7 - main - netstat: strip the binary of sgid List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 49f31b5e0ca7a335b35dbaec92769e4c7237a85e Auto-Submitted: auto-generated The branch main has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=49f31b5e0ca7a335b35dbaec92769e4c7237a85e commit 49f31b5e0ca7a335b35dbaec92769e4c7237a85e Author: Kyle Evans AuthorDate: 2025-04-20 18:18:40 +0000 Commit: Kyle Evans CommitDate: 2025-04-20 18:18:44 +0000 netstat: strip the binary of sgid Everything in the live path seems to use sysctls these days, with kvm only being used for pulling information from core dumps. Strip the binary of /dev/{k,}mem access to reduce the surface area with access to kmem. Reviewed by: glebius, markj Differential Revision: https://reviews.freebsd.org/D47210 --- usr.bin/netstat/Makefile | 2 -- usr.bin/netstat/main.c | 14 ++------------ 2 files changed, 2 insertions(+), 14 deletions(-) diff --git a/usr.bin/netstat/Makefile b/usr.bin/netstat/Makefile index 742de485a6b5..121911b8a18b 100644 --- a/usr.bin/netstat/Makefile +++ b/usr.bin/netstat/Makefile @@ -50,8 +50,6 @@ CFLAGS+=-DSDP CFLAGS+=-DPF .endif -BINGRP= kmem -BINMODE=2555 LIBADD= kvm memstat xo util .if ${MK_NETGRAPH_SUPPORT} != "no" diff --git a/usr.bin/netstat/main.c b/usr.bin/netstat/main.c index 4275ea7821df..e8f657006982 100644 --- a/usr.bin/netstat/main.c +++ b/usr.bin/netstat/main.c 
@@ -455,17 +455,10 @@ main(int argc, char *argv[]) } #endif - /* - * Discard setgid privileges if not the running kernel so that bad - * guys can't print interesting stuff from kernel memory. - */ live = (nlistf == NULL && memf == NULL); - if (!live) { - if (setgid(getgid()) != 0) - xo_err(EX_OSERR, "setgid"); - /* Load all necessary kvm symbols */ + /* Load all necessary kvm symbols */ + if (!live) kresolve_list(nl); - } if (xflag && Tflag) xo_errx(EX_USAGE, "-x and -T are incompatible, pick one."); @@ -739,9 +732,6 @@ kvmd_init(void) return (0); kvmd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, errbuf); - if (setgid(getgid()) != 0) - xo_err(EX_OSERR, "setgid"); - if (kvmd == NULL) { xo_warnx("kvm not available: %s", errbuf); return (-1);
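Review bot: The Makefile hunk removes `BINGRP= kmem` and `BINMODE=2555` but leaves `LIBADD= kvm memstat xo util` in place and the diffstat touches only usr.bin/netstat/Makefile and usr.bin/netstat/main.c, so nothing in the tree records that `-M`/`-N` now require the invoking user to be able to read the memory file on their own (read access to the vmcore, or kmem group membership/root if someone points `-M` at /dev/mem). Suggest a sentence to that effect in the netstat manual page as part of this change, since the behaviour change is user-visible for the core-dump use case the commit message calls out.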
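Review bot: In the first main.c hunk, the deleted comment ("Discard setgid privileges if not the running kernel so that bad guys can't print interesting stuff from kernel memory") was the only statement in main() of the invariant this commit now relies on, namely that the live path (`live = (nlistf == NULL && memf == NULL);`) never touches kernel memory and kvm is reserved for the `-M`/`-N` case. With the `setgid(getgid())` block gone, suggest keeping a one-line comment next to the `live` assignment stating that, so a future change that adds a kvm read on the live path is caught in review rather than by a permission error.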
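Review bot: In the kvmd_init() hunk, `kvm_openfiles(nlistf, memf, NULL, O_RDONLY, errbuf)` is still called with whatever `nlistf`/`memf` hold, and when both are NULL that opens the running kernel's memory, which an unprivileged netstat can no longer do once the sgid bit is removed. The commit message says the live path "seems to" use sysctls everywhere; please confirm with a grep that no live-path code still reaches kvmd_init(), otherwise users will now get the `kvm not available: ...` warning and a `-1` return where they previously got output. A short comment that kvmd_init() is only expected on the `-M`/`-N` path would make that intent explicit.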
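The check a practitioner wants after a change like this is whether netstat, and anything else, still carries the setgid-kmem privilege on an installed system. The following is an added example and not part of the commit or of the FreeBSD source tree: the decision is a pure function over an octal mode string and a group name so it can be run against constructed records offline, and audit_sgid_kmem() applies it to a live tree using FreeBSD stat(1) format strings. It assumes the kmem group is named "kmem" and that /usr/bin and /usr/sbin are where setgid binaries live; the sample records are constructed for illustration and not taken from a real system.

```shell
#!/bin/sh
# Added example, not part of the FreeBSD commit: audit a tree for binaries that
# still carry the setgid bit with group "kmem", the privilege this change
# removes from netstat. The decision is a pure function over an octal mode and
# a group name so it can be exercised on constructed records; audit_sgid_kmem()
# applies it to a live system using FreeBSD stat(1) format strings.
# Assumptions: the kmem group is named "kmem" and the directories passed in
# are where setgid binaries are expected (/usr/bin /usr/sbin on FreeBSD).

# is_sgid_kmem MODE GROUP
#   MODE is an octal mode string (e.g. 2555 or 0100555, as "stat -f %Mp%Lp"
#   prints it); GROUP is the owning group name. True (exit 0) when the
#   setgid bit (02000) is set and the group is kmem.
is_sgid_kmem() {
    mode=$1
    group=$2
    case $mode in
        ''|*[!0-7]*) return 1 ;;      # not an octal mode string
    esac
    # A leading 0 makes the shell parse the string as octal; 02000 is S_ISGID.
    [ $(( 0$mode & 02000 )) -ne 0 ] && [ "$group" = kmem ]
}

# scan_records
#   Reads "MODE GROUP PATH" records from stdin and prints only those that are
#   setgid kmem. Exit status is 0 regardless of what was found; use the output.
scan_records() {
    while read -r mode group path; do
        if is_sgid_kmem "$mode" "$group"; then
            printf '%s %s %s\n' "$mode" "$group" "$path"
        fi
    done
    return 0
}

# audit_sgid_kmem DIR...
#   Live check: emits "MODE GROUP PATH" for every setgid-kmem regular file
#   under the given directories. FreeBSD stat(1): %Mp%Lp = octal mode,
#   %Sg = group name, %N = file name. On a system with this commit installed,
#   /usr/bin/netstat should no longer appear in the output.
audit_sgid_kmem() {
    find "$@" -type f -perm -2000 2>/dev/null |
    while IFS= read -r f; do
        stat -f '%Mp%Lp %Sg %N' "$f"
    done | scan_records
}

# Constructed sample records (not taken from a real system): netstat with its
# old 2555/kmem mode, netstat as installed after this commit, one other
# hypothetical setgid-kmem program, and some non-kmem setgid/setuid files.
sample_records() {
    cat <<'EOF'
2555 kmem /usr/bin/netstat
0555 wheel /usr/bin/netstat
6555 kmem /usr/sbin/example
2555 tty /usr/bin/write
4555 wheel /usr/bin/su
0100555 wheel /bin/ls
EOF
}

# Usage on a FreeBSD host: audit_sgid_kmem /usr/bin /usr/sbin
# Offline demonstration on the constructed records (prints the two kmem entries):
sample_records | scan_records
```

Only the setgid bit is tested, not the setuid bit, because the concern here is the kmem group credential; a 6555 file owned by group kmem is reported, a 4555 file owned by wheel is not. The mode normalisation accepts both the 4-digit form and the full form with the file-type bits that stat prints.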