diff options
| author | Philip Guenthe <guenther@cvs.openbsd.org> | 2010-01-28 19:23:07 +0000 |
|---|---|---|
| committer | Philip Guenthe <guenther@cvs.openbsd.org> | 2010-01-28 19:23:07 +0000 |
| commit | c8c4525ddb2c026993ac0bce3ef1651951330f8c (patch) | |
| tree | b9bf01fbf1cb0cf30f5efa759c63602a982fec30 /sys/kern/kern_proc.c | |
| parent | 2349c69070600289d40ea08fb6b49fa982532d83 (diff) | |
Make sure the process tree is is loop-free by forbidding ptrace()
of a direct ancestor, closing a localhost DoS. As an exception,
do permit ptrace() of pid 1 and have inferiors() stop climbing if
it hits that.
ok tedu@ hpux_compat suggestion from miod@
Diffstat (limited to 'sys/kern/kern_proc.c')
| -rw-r--r-- | sys/kern/kern_proc.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/sys/kern/kern_proc.c b/sys/kern/kern_proc.c index ff2854c0dda..8c2eb86af41 100644 --- a/sys/kern/kern_proc.c +++ b/sys/kern/kern_proc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_proc.c,v 1.40 2009/04/15 10:47:46 art Exp $ */ +/* $OpenBSD: kern_proc.c,v 1.41 2010/01/28 19:23:06 guenther Exp $ */ /* $NetBSD: kern_proc.c,v 1.14 1996/02/09 18:59:41 christos Exp $ */ /* @@ -151,14 +151,14 @@ chgproccnt(uid_t uid, int diff) } /* - * Is p an inferior of the current process? + * Is p an inferior of parent? */ int -inferior(struct proc *p) +inferior(struct proc *p, struct proc *parent) { - for (; p != curproc; p = p->p_pptr) - if (p->p_pid == 0) + for (; p != parent; p = p->p_pptr) + if (p->p_pid == 0 || p->p_pid == 1) return (0); return (1); } |