diff options
-rw-r--r-- | lib/libc/sys/ptrace.2 | 6 | ||||
-rw-r--r-- | sys/kern/sys_process.c | 14 |
2 files changed, 15 insertions, 5 deletions
diff --git a/lib/libc/sys/ptrace.2 b/lib/libc/sys/ptrace.2 index 1229e0b865b..7152f1c8ae0 100644 --- a/lib/libc/sys/ptrace.2 +++ b/lib/libc/sys/ptrace.2 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ptrace.2,v 1.10 2002/03/12 14:38:12 art Exp $ +.\" $OpenBSD: ptrace.2,v 1.11 2002/04/10 17:31:59 fgsch Exp $ .\" $NetBSD: ptrace.2,v 1.3 1996/02/23 01:39:41 jtc Exp $ .\" .\" This file is in the public domain. @@ -434,6 +434,10 @@ An attempt was made to use on a process in violation of the requirements listed under .Dv PT_ATTACH above. +.It +An attempt was made to use +.Dv PT_ATTACH +on a system process. .El .El .Sh BUGS diff --git a/sys/kern/sys_process.c b/sys/kern/sys_process.c index 562fe227661..2921ef101f9 100644 --- a/sys/kern/sys_process.c +++ b/sys/kern/sys_process.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sys_process.c,v 1.21 2002/03/12 14:37:40 art Exp $ */ +/* $OpenBSD: sys_process.c,v 1.22 2002/04/10 17:31:59 fgsch Exp $ */ /* $NetBSD: sys_process.c,v 1.55 1996/05/15 06:17:47 tls Exp $ */ /*- @@ -121,13 +121,19 @@ sys_ptrace(p, v, retval) return (EINVAL); /* - * (2) it's already being traced, or + * (2) it's a system process + */ + if (ISSET(t->p_flag, P_SYSTEM)) + return (EPERM); + + /* + * (3) it's already being traced, or */ if (ISSET(t->p_flag, P_TRACED)) return (EBUSY); /* - * (3) it's not owned by you, or the last exec + * (4) it's not owned by you, or the last exec * gave us setuid/setgid privs (unless * you're root), or... * @@ -143,7 +149,7 @@ sys_ptrace(p, v, retval) return (error); /* - * (4) ...it's init, which controls the security level + * (5) ...it's init, which controls the security level * of the entire system, and the system was not * compiled with permanently insecure mode turned * on. |