summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/libc/sys/ptrace.26
-rw-r--r--sys/kern/sys_process.c14
2 files changed, 15 insertions, 5 deletions
diff --git a/lib/libc/sys/ptrace.2 b/lib/libc/sys/ptrace.2
index 1229e0b865b..7152f1c8ae0 100644
--- a/lib/libc/sys/ptrace.2
+++ b/lib/libc/sys/ptrace.2
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ptrace.2,v 1.10 2002/03/12 14:38:12 art Exp $
+.\" $OpenBSD: ptrace.2,v 1.11 2002/04/10 17:31:59 fgsch Exp $
.\" $NetBSD: ptrace.2,v 1.3 1996/02/23 01:39:41 jtc Exp $
.\"
.\" This file is in the public domain.
@@ -434,6 +434,10 @@ An attempt was made to use
on a process in violation of the requirements listed under
.Dv PT_ATTACH
above.
+.It
+An attempt was made to use
+.Dv PT_ATTACH
+on a system process.
.El
.El
.Sh BUGS
diff --git a/sys/kern/sys_process.c b/sys/kern/sys_process.c
index 562fe227661..2921ef101f9 100644
--- a/sys/kern/sys_process.c
+++ b/sys/kern/sys_process.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sys_process.c,v 1.21 2002/03/12 14:37:40 art Exp $ */
+/* $OpenBSD: sys_process.c,v 1.22 2002/04/10 17:31:59 fgsch Exp $ */
/* $NetBSD: sys_process.c,v 1.55 1996/05/15 06:17:47 tls Exp $ */
/*-
@@ -121,13 +121,19 @@ sys_ptrace(p, v, retval)
return (EINVAL);
/*
- * (2) it's already being traced, or
+ * (2) it's a system process
+ */
+ if (ISSET(t->p_flag, P_SYSTEM))
+ return (EPERM);
+
+ /*
+ * (3) it's already being traced, or
*/
if (ISSET(t->p_flag, P_TRACED))
return (EBUSY);
/*
- * (3) it's not owned by you, or the last exec
+ * (4) it's not owned by you, or the last exec
* gave us setuid/setgid privs (unless
* you're root), or...
*
@@ -143,7 +149,7 @@ sys_ptrace(p, v, retval)
return (error);
/*
- * (4) ...it's init, which controls the security level
+ * (5) ...it's init, which controls the security level
* of the entire system, and the system was not
* compiled with permanently insecure mode turned
* on.