svn commit: r228288 - head/sys/kern

Mikolaj Golub trociny at FreeBSD.org
Mon Dec 5 19:34:03 UTC 2011


Author: trociny
Date: Mon Dec  5 19:34:02 2011
New Revision: 228288
URL: http://svn.freebsd.org/changeset/base/228288

Log:
  Protect kern.proc.auxv and kern.proc.ps_strings sysctls with p_candebug().
  
  Citing jilles:
  
  If we are ever going to do ASLR, the AUXV information tells an attacker
  where the stack, executable and RTLD are located, which defeats much of
  the point of randomizing the addresses in the first place.
  
  Given that the AUXV information seems to be used by debuggers only anyway,
  I think it would be good to move it to p_candebug() now.
  
  The full virtual memory maps (KERN_PROC_VMMAP, procstat -v) are already
  under p_candebug().
  
  Suggested by:	jilles
  Discussed with:	rwatson
  MFC after:	1 week

Modified:
  head/sys/kern/kern_proc.c

Modified: head/sys/kern/kern_proc.c
==============================================================================
--- head/sys/kern/kern_proc.c	Mon Dec  5 18:29:25 2011	(r228287)
+++ head/sys/kern/kern_proc.c	Mon Dec  5 19:34:02 2011	(r228288)
@@ -1782,7 +1782,8 @@ sysctl_kern_proc_auxv(SYSCTL_HANDLER_ARG
 		PROC_UNLOCK(p);
 		return (ESRCH);
 	}
-	if ((error = p_cansee(curthread, p)) != 0) {
+	error = p_candebug(curthread, p);
+	if (error != 0) {
 		PROC_UNLOCK(p);
 		return (error);
 	}
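Review bot: the new `error = p_candebug(curthread, p);` in sysctl_kern_proc_auxv carries no comment explaining why this handler needs the stricter check. A short comment above it noting that the auxv data reveals the address layout (stack, executable, RTLD, as the log says) would help prevent a later cleanup from relaxing it back to p_cansee(). The error path still unlocks the process and returns the error unchanged, so callers that could see the target but cannot debug it will now get whatever p_candebug() returns; that user-visible change is worth a line in the log.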
@@ -2456,7 +2457,8 @@ sysctl_kern_proc_ps_strings(SYSCTL_HANDL
 	p = pfind((pid_t)name[0]);
 	if (p == NULL)
 		return (ESRCH);
-	if ((error = p_cansee(curthread, p)) != 0) {
+	error = p_cansee(curthread, p);
+	if (error != 0) {
 		PROC_UNLOCK(p);
 		return (error);
 	}
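Review bot: in sysctl_kern_proc_ps_strings the added line is `error = p_cansee(curthread, p);`, so the access check is still p_cansee() and only the statement layout changed. The log says both kern.proc.auxv and kern.proc.ps_strings are to be protected with p_candebug(); to match the auxv hunk this line should be `error = p_candebug(curthread, p);`. As committed, ps_strings stays readable under the weaker check.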

