Subject: Re: sysctl knob to let sugid processes dump core (pr 15994)
To: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
From: Elad Efrat <elad@NetBSD.org>
List: tech-security
Date: 07/14/2006 23:30:28
This is a multi-part message in MIME format.

--Boundary_(ID_1Dpj6FimdUvIQUUUYIZ4vg)
Content-type: text/plain; charset=ISO-8859-1
Content-transfer-encoding: 7BIT

YAMAMOTO Takashi wrote:

> it seems there's no objection, at least on these lists.
> so please move them.

diff attached.

-e.

-- 
Elad Efrat

--Boundary_(ID_1Dpj6FimdUvIQUUUYIZ4vg)
Content-type: text/plain; name=setid_core.diff
Content-transfer-encoding: 7BIT
Content-disposition: inline; filename=setid_core.diff

Index: init_sysctl.c
===================================================================
RCS file: /usr/cvs/src/sys/kern/init_sysctl.c,v
retrieving revision 1.74
diff -u -p -r1.74 init_sysctl.c
--- init_sysctl.c	21 Jun 2006 13:46:17 -0000	1.74
+++ init_sysctl.c	13 Jul 2006 19:58:38 -0000
@@ -277,6 +277,7 @@ SYSCTL_SETUP(sysctl_kern_setup, "sysctl 
 	extern int kern_logsigexit;	/* defined in kern/kern_sig.c */
 	extern fixpt_t ccpu;		/* defined in kern/kern_synch.c */
 	extern int dumponpanic;		/* defined in kern/subr_prf.c */
+	const struct sysctlnode *rnode;
 
 	sysctl_createv(clog, 0, NULL, NULL,
 		       CTLFLAG_PERMANENT,
@@ -804,6 +805,55 @@ SYSCTL_SETUP(sysctl_kern_setup, "sysctl 
 		       SYSCTL_DESCR("Mapping of CPU number to CPU id"),
 		       sysctl_kern_cpid, 0, NULL, 0,
 		       CTL_KERN, KERN_CP_ID, CTL_EOL);
+
+	sysctl_createv(clog, 0, NULL, &rnode,
+		       CTLFLAG_PERMANENT,
+		       CTLTYPE_NODE, "coredump",
+		       SYSCTL_DESCR("Coredump settings."),
+		       NULL, 0, NULL, 0,
+		       CTL_KERN, CTL_CREATE, CTL_EOL);
+	sysctl_createv(clog, 0, &rnode, &rnode,
+		       CTLFLAG_PERMANENT,
+		       CTLTYPE_NODE, "setid",
+		       SYSCTL_DESCR("Set-id processes' coredump settings."),
+		       NULL, 0, NULL, 0,
+		       CTL_CREATE, CTL_EOL);
+	sysctl_createv(clog, 0, &rnode, NULL,
+		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+		       CTLTYPE_INT, "dump",
+		       SYSCTL_DESCR("Allow set-id processes to dump core."),
+		       sysctl_security_setidcore, 0, &security_setidcore_dump,
+		       sizeof(security_setidcore_dump),
+		       CTL_CREATE, CTL_EOL);
+	sysctl_createv(clog, 0, &rnode, NULL,
+		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+		       CTLTYPE_STRING, "path",
+		       SYSCTL_DESCR("Path pattern for set-id coredumps."),
+		       sysctl_security_setidcorename, 0,
+		       &security_setidcore_path,
+		       sizeof(security_setidcore_path),
+		       CTL_CREATE, CTL_EOL);
+	sysctl_createv(clog, 0, &rnode, NULL,
+		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+		       CTLTYPE_INT, "owner",
+		       SYSCTL_DESCR("Owner id for set-id processes' cores."),
+		       sysctl_security_setidcore, 0, &security_setidcore_owner,
+		       0,
+		       CTL_CREATE, CTL_EOL);
+	sysctl_createv(clog, 0, &rnode, NULL,
+		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+		       CTLTYPE_INT, "group",
+		       SYSCTL_DESCR("Group id for set-id processes' cores."),
+		       sysctl_security_setidcore, 0, &security_setidcore_group,
+		       0,
+		       CTL_CREATE, CTL_EOL);
+	sysctl_createv(clog, 0, &rnode, NULL,
+		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
+		       CTLTYPE_INT, "mode",
+		       SYSCTL_DESCR("Mode for set-id processes' cores."),
+		       sysctl_security_setidcore, 0, &security_setidcore_mode,
+		       0,
+		       CTL_CREATE, CTL_EOL);
 }
 
 SYSCTL_SETUP(sysctl_kern_proc_setup,
@@ -1037,49 +1087,6 @@ SYSCTL_SETUP(sysctl_security_setup, "sys
 				    " to users not owning them."),
 		       NULL, 0, &security_curtain, 0,
 		       CTL_CREATE, CTL_EOL);
-
-	sysctl_createv(clog, 0, &rnode, &rnode,
-		       CTLFLAG_PERMANENT,
-		       CTLTYPE_NODE, "setid_core",
-		       SYSCTL_DESCR("Set-id processes' coredump settings."),
-		       NULL, 0, NULL, 0,
-		       CTL_CREATE, CTL_EOL);
-	sysctl_createv(clog, 0, &rnode, NULL,
-		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
-		       CTLTYPE_INT, "dump",
-		       SYSCTL_DESCR("Allow set-id processes to dump core."),
-		       sysctl_security_setidcore, 0, &security_setidcore_dump,
-		       sizeof(security_setidcore_dump),
-		       CTL_CREATE, CTL_EOL);
-	sysctl_createv(clog, 0, &rnode, NULL,
-		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
-		       CTLTYPE_STRING, "path",
-		       SYSCTL_DESCR("Path pattern for set-id coredumps."),
-		       sysctl_security_setidcorename, 0,
-		       &security_setidcore_path,
-		       sizeof(security_setidcore_path),
-		       CTL_CREATE, CTL_EOL);
-	sysctl_createv(clog, 0, &rnode, NULL,
-		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
-		       CTLTYPE_INT, "owner",
-		       SYSCTL_DESCR("Owner id for set-id processes' cores."),
-		       sysctl_security_setidcore, 0, &security_setidcore_owner,
-		       0,
-		       CTL_CREATE, CTL_EOL);
-	sysctl_createv(clog, 0, &rnode, NULL,
-		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
-		       CTLTYPE_INT, "group",
-		       SYSCTL_DESCR("Group id for set-id processes' cores."),
-		       sysctl_security_setidcore, 0, &security_setidcore_group,
-		       0,
-		       CTL_CREATE, CTL_EOL);
-	sysctl_createv(clog, 0, &rnode, NULL,
-		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
-		       CTLTYPE_INT, "mode",
-		       SYSCTL_DESCR("Mode for set-id processes' cores."),
-		       sysctl_security_setidcore, 0, &security_setidcore_mode,
-		       0,
-		       CTL_CREATE, CTL_EOL);
 }
 
 /*

--Boundary_(ID_1Dpj6FimdUvIQUUUYIZ4vg)--