Module Name: src Committed By: pgoyette Date: Mon Nov 23 23:27:38 UTC 2015
Modified Files: src/sys/dev/filemon: filemon.c Log Message: Remove the requirement that the target (tracked) process be a descendant of the tracking process. The call to kauth() should be sufficient to address any security concerns. To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/sys/dev/filemon/filemon.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/dev/filemon/filemon.c diff -u src/sys/dev/filemon/filemon.c:1.18 src/sys/dev/filemon/filemon.c:1.19 --- src/sys/dev/filemon/filemon.c:1.18 Mon Nov 23 22:20:57 2015 +++ src/sys/dev/filemon/filemon.c Mon Nov 23 23:27:38 2015 @@ -24,7 +24,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: filemon.c,v 1.18 2015/11/23 22:20:57 pgoyette Exp $"); +__KERNEL_RCSID(0, "$NetBSD: filemon.c,v 1.19 2015/11/23 23:27:38 pgoyette Exp $"); #include <sys/param.h> #include <sys/kernel.h> @@ -322,27 +322,6 @@ filemon_ioctl(struct file * fp, u_long c break; } - /* Ensure that target proc is a descendant of curproc */ - p = tp; - while (p) { - /* - * make sure p cannot exit - * until we have moved on to p_pptr - */ - rw_enter(&p->p_reflock, RW_READER); - if (p == curproc) { - rw_exit(&p->p_reflock); - break; - } - lp = p; - p = p->p_pptr; - rw_exit(&lp->p_reflock); - } - if (p == NULL) { - error = EPERM; - break; - } - error = kauth_authorize_process(curproc->p_cred, KAUTH_PROCESS_CANSEE, tp, KAUTH_ARG(KAUTH_REQ_PROCESS_CANSEE_ENTRY), NULL, NULL);