svn commit: r253887 - head/sys/dev/filemon

Hiroki Sato hrs at FreeBSD.org
Sun Aug 4 03:16:54 UTC 2013


Jilles Tjoelker <jilles at stack.nl> wrote
  in <20130802152204.GA1880 at stack.nl>:

ji> You can simplify the code using the fairly new pget(). This will also
ji> fix the incorrect errno when the process does not exist (should be
ji> [ESRCH]).
ji>
ji> This change is a step in the right direction but is incomplete. Although
ji> the check protects currently running processes, I do not see how it
ji> prevents tracing a process that gets the same PID again after the
ji> original target process has exited. This not only leaks sensitive
ji> information but may also prevent tracing by the legitimate owner of the
ji> process (because only one filemon will write events for a process). This
ji> could be fixed by setting filemon->pid = -1 in
ji> filemon_wrapper_sys_exit() and not allowing P_WEXIT and zombies in
ji> FILEMON_SET_PID (PGET_NOTWEXIT disallows both). An [EBUSY] when there is
ji> already a filemon monitoring the process may also be useful (or writing
ji> copies of the events to all attached filemons).

 Thank you for your comments.  Can you review the attached patch?  If
 there is no problem, I will commit this and MFC to stable branches.

-- Hiroki
-------------- next part --------------
A non-text attachment was scrubbed...
Name: filemon_privcheck.20130804-1.diff
Type: text/x-patch
Size: 1020 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/svn-src-all/attachments/20130804/147232f8/attachment.bin>
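
The PID-reuse problem raised in the quoted review, as an added example that is not part of this thread or of the attached patch: a userland C model (not kernel code; the struct and function names are hypothetical and the pids and uids are constructed) of a monitor bound to a bare pid, with and without the suggested reset to -1 on exit and the suggested [ESRCH]/[EBUSY] checks.

```c
#include <errno.h>
#include <stdio.h>

/* Userland model, not FreeBSD kernel code; all names here are hypothetical. */
enum pstate { ST_FREE, ST_RUNNING, ST_EXITING };  /* ST_EXITING ~ P_WEXIT/zombie */
struct mproc { int pid; int uid; enum pstate st; };
struct mon   { int owner_uid; int pid; int events; };  /* pid -1: detached */

/* Models FILEMON_SET_PID with the checks suggested in the quoted review. */
static int set_pid(struct mon *m, const struct mon *peer, const struct mproc *p)
{
    if (p->st != ST_RUNNING)
        return ESRCH;   /* gone, exiting or zombie target */
    if (p->uid != m->owner_uid)
        return EPERM;   /* stand-in for the privilege check */
    if (peer != NULL && peer->pid == p->pid)
        return EBUSY;   /* another monitor already has this pid */
    m->pid = p->pid;
    return 0;
}

/* Models the exit hook; 'fixed' applies the suggested pid = -1 reset. */
static void proc_exit(struct mproc *p, struct mon *m, int fixed)
{
    p->st = ST_FREE;
    if (fixed && m->pid == p->pid)
        m->pid = -1;
}

/* uid 1001 monitors pid 500, it exits, uid 0 reuses pid 500 (constructed).
 * Returns how many events of the new process the old monitor records. */
static int leaked_events(int fixed)
{
    struct mproc p = { 500, 1001, ST_RUNNING };
    struct mon m = { 1001, -1, 0 };

    if (set_pid(&m, NULL, &p) != 0)
        return -1;
    proc_exit(&p, &m, fixed);
    p = (struct mproc){ 500, 0, ST_RUNNING };   /* pid recycled */
    if (m.pid == p.pid)                         /* event matched by pid only */
        m.events++;
    return m.events;
}

int main(void)
{
    printf("leaked: unfixed=%d fixed=%d\n", leaked_events(0), leaked_events(1));
    return 0;
}
```
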