author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2008-10-07 02:20:13 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2008-10-07 02:20:13 +0000 |
commit | d81f7531f8394039bb72880dbc87d60ec78170e6 (patch) | |
tree | 9fa47dc17c5a0a78e044f553b317fa125111b37e /sys | |
parent | 8d80e8206efe58c7c958ef9f495be45e1c7316ba (diff) |
Do not display file offsets and a few other pieces of information, except
to the user or the superuser. Display * for those fields instead. From
PR 5113, but modified to use copyout correctly.
comments from tedu, ok from others
Diffstat (limited to 'sys')
-rw-r--r-- | sys/kern/kern_sysctl.c | 21 | ||||
-rw-r--r-- | sys/sys/sysctl.h | 4 |
2 files changed, 18 insertions, 7 deletions
diff --git a/sys/kern/kern_sysctl.c b/sys/kern/kern_sysctl.c
index 1a0a15f00eb..84584964fd2 100644
--- a/sys/kern/kern_sysctl.c
+++ b/sys/kern/kern_sysctl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_sysctl.c,v 1.161 2008/06/09 07:07:16 djm Exp $ */
+/* $OpenBSD: kern_sysctl.c,v 1.162 2008/10/07 02:20:11 deraadt Exp $ */
 /* $NetBSD: kern_sysctl.c,v 1.17 1996/05/20 17:49:05 mrg Exp $ */
 /*-
@@ -347,7 +347,7 @@ kern_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,
 p));
 #endif
 case KERN_FILE:
- return (sysctl_file(oldp, oldlenp));
+ return (sysctl_file(oldp, oldlenp, p));
 case KERN_MBSTAT:
 return (sysctl_rdstruct(oldp, oldlenp, newp, &mbstat,
 sizeof(mbstat)));
@@ -923,11 +923,12 @@ sysctl_rdstruct(void *oldp, size_t *oldlenp, void *newp, const void *sp,
 * Get file structures.
 */
 int
-sysctl_file(char *where, size_t *sizep)
+sysctl_file(char *where, size_t *sizep, struct proc *p)
 {
 int buflen, error;
- struct file *fp;
+ struct file *fp, cfile;
 char *start = where;
+ struct ucred *cred = p->p_ucred;
 buflen = *sizep;
 if (where == NULL) {
@@ -959,7 +960,17 @@ sysctl_file(char *where, size_t *sizep)
 *sizep = where - start;
 return (ENOMEM);
 }
- error = copyout((caddr_t)fp, where, sizeof (struct file));
+
+ /* Only let the superuser or the owner see some information */
+ bcopy(fp, &cfile, sizeof (struct file));
+ if (suser(p, 0) != 0 && cred->cr_uid != fp->f_cred->cr_uid) {
+ cfile.f_offset = (off_t)-1;
+ cfile.f_rxfer = 0;
+ cfile.f_wxfer = 0;
+ cfile.f_rbytes = 0;
+ cfile.f_wbytes = 0;
+ }
+ error = copyout(&cfile, where, sizeof (struct file));
 if (error)
 return (error);
 buflen -= sizeof(struct file);
diff --git a/sys/sys/sysctl.h b/sys/sys/sysctl.h
index 041e94d2cb1..0092f7f739e 100644
--- a/sys/sys/sysctl.h
+++ b/sys/sys/sysctl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sysctl.h,v 1.93 2008/09/16 15:48:12 gollo Exp $ */
+/* $OpenBSD: sysctl.h,v 1.94 2008/10/07 02:20:11 deraadt Exp $ */
 /* $NetBSD: sysctl.h,v 1.16 1996/04/09 20:55:36 cgd Exp $ */
 /*
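Review bot: The header comment above `sysctl_file` in the `@@ -923,11 +923,12 @@` hunk still reads only `Get file structures.`, although the function now takes the calling process and filters what it returns based on it. I would extend it to say so, for example `* Get file structures. Offsets and transfer counters are hidden unless p is the superuser or owns the file.`, so that a future caller understands why `p` is required and what an unprivileged reader gets back. The function body continues outside this hunk.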
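Review bot: The redaction branch in the `@@ -959,7 +960,17 @@` hunk masks only `f_offset` and the four transfer counters, while `bcopy(fp, &cfile, sizeof (struct file))` followed by `copyout(&cfile, ...)` still hands every other member of the kernel structure to the unprivileged caller, including the `f_cred` pointer value that the check itself dereferences. If the userland consumers of KERN_FILE do not depend on those kernel addresses, they could be cleared in the same branch (for instance `cfile.f_cred = NULL;`); if they do, the comment should say the exposure is deliberate. The zeroed counters are also indistinguishable from a file that has seen no I/O, unlike the `(off_t)-1` offset sentinel, so the comment could spell that out: `/* Hide offset (-1) and I/O counters (0) from callers who are neither root nor the file's owner */`. The enclosing loop and function start and end outside this hunk.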
@@ -686,7 +686,7 @@ int sysctl__string(void *, size_t *, void *, size_t, char *, int, int);
 int sysctl_rdstring(void *, size_t *, void *, const char *);
 int sysctl_rdstruct(void *, size_t *, void *, const void *, int);
 int sysctl_struct(void *, size_t *, void *, size_t, void *, int);
-int sysctl_file(char *, size_t *);
+int sysctl_file(char *, size_t *, struct proc *);
 int sysctl_doproc(int *, u_int, char *, size_t *);
 struct radix_node;
 struct walkarg; |