Source-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[src/trunk]: src/sys/dev/filemon Remove the requirement that the target (trac...



details:   https://anonhg.NetBSD.org/src/rev/75f2fb3d20a2
branches:  trunk
changeset: 811953:75f2fb3d20a2
user:      pgoyette <pgoyette%NetBSD.org@localhost>
date:      Mon Nov 23 23:27:38 2015 +0000

description:
Remove the requirement that the target (tracked) process be a descendant
of the tracking process.  The call to kauth() should be sufficient to
address any security concerns.

diffstat:

 sys/dev/filemon/filemon.c |  23 +----------------------
 1 files changed, 1 insertions(+), 22 deletions(-)

diffs (40 lines):

diff -r 1da36ee8c497 -r 75f2fb3d20a2 sys/dev/filemon/filemon.c
--- a/sys/dev/filemon/filemon.c Mon Nov 23 23:23:25 2015 +0000
+++ b/sys/dev/filemon/filemon.c Mon Nov 23 23:27:38 2015 +0000
@@ -24,7 +24,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: filemon.c,v 1.18 2015/11/23 22:20:57 pgoyette Exp $");
+__KERNEL_RCSID(0, "$NetBSD: filemon.c,v 1.19 2015/11/23 23:27:38 pgoyette Exp $");
 
 #include <sys/param.h>
 #include <sys/kernel.h>
@@ -322,27 +322,6 @@
                        break;
                }
 
-               /* Ensure that target proc is a descendant of curproc */
-               p = tp;
-               while (p) {
-                       /*
-                        * make sure p cannot exit
-                        * until we have moved on to p_pptr
-                        */
-                       rw_enter(&p->p_reflock, RW_READER);
-                       if (p == curproc) {
-                               rw_exit(&p->p_reflock);
-                               break;
-                       }
-                       lp = p;
-                       p = p->p_pptr;
-                       rw_exit(&lp->p_reflock);
-               }
-               if (p == NULL) {
-                       error = EPERM;
-                       break;
-               }
-
                error = kauth_authorize_process(curproc->p_cred,
                    KAUTH_PROCESS_CANSEE, tp,
                    KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_ENTRY), NULL, NULL);



Home | Main Index | Thread Index | Old Index