Module Name: src
Committed By: pgoyette
Date: Mon Jan 11 01:45:27 UTC 2016
Modified Files:
src/share/man/man4: filemon.4
Log Message:
Remove current bug, now that PR kern/50627 is fixed. Add another security
consideration concerning re-used of the target/monitored process's pid.
To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 src/share/man/man4/filemon.4
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/man/man4/filemon.4
diff -u src/share/man/man4/filemon.4:1.17 src/share/man/man4/filemon.4:1.18
--- src/share/man/man4/filemon.4:1.17 Wed Jan 6 05:22:06 2016
+++ src/share/man/man4/filemon.4 Mon Jan 11 01:45:27 2016
@@ -1,4 +1,4 @@
-.\" $NetBSD: filemon.4,v 1.17 2016/01/06 05:22:06 wiz Exp $
+.\" $NetBSD: filemon.4,v 1.18 2016/01/11 01:45:27 pgoyette Exp $
.\"
.\" Copyright (c) 2011, Juniper Networks, Inc.
.\"
@@ -218,17 +218,11 @@ successful, and is thus more complex to
.Sh HISTORY
.Nm
was contributed by Juniper Networks.
-.Sh BUGS
-If the file descriptor to which monitored events are being written is
-numerically lower than the descriptor on which
-.Pa /dev/filemon
-is open, the monitoring process will hang when it calls
-.Xr exit 3
-or an attempt is made to close the output file descriptor.
-To avoid the hang, ensure that the file descriptor on which
-.Pa /dev/filemon
-is open gets closed first.
.Sh SECURITY CONSIDERATIONS
+If the monitored process exits, and its pid gets reused, filemon will
+continue to report events for the new process (and its descendants)
+without any authorization checks.
+.Pp
Monitoring of a process enables the target process to write to the
tracking process's file descriptor.
.Sh RESTRICTIONS
