From frf@xocolatl.com  Tue Sep  2 17:38:28 2008
Return-Path: <frf@xocolatl.com>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 2827F1065674
	for <FreeBSD-gnats-submit@freebsd.org>; Tue,  2 Sep 2008 17:38:28 +0000 (UTC)
	(envelope-from frf@xocolatl.com)
Received: from sour.xocolatl.com (xocolatl.com [216.240.48.11])
	by mx1.freebsd.org (Postfix) with ESMTP id F1A678FC28
	for <FreeBSD-gnats-submit@freebsd.org>; Tue,  2 Sep 2008 17:38:27 +0000 (UTC)
	(envelope-from frf@xocolatl.com)
Received: from sour.xocolatl.com (localhost [127.0.0.1])
	by sour.xocolatl.com (8.14.2/8.14.2) with ESMTP id m82HHCnm098578
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 2 Sep 2008 10:17:12 -0700 (PDT)
	(envelope-from frf@sour.xocolatl.com)
Received: (from frf@localhost)
	by sour.xocolatl.com (8.14.2/8.14.2/Submit) id m82HHBcO098577;
	Tue, 2 Sep 2008 10:17:11 -0700 (PDT)
	(envelope-from frf)
Message-Id: <200809021717.m82HHBcO098577@sour.xocolatl.com>
Date: Tue, 2 Sep 2008 10:17:11 -0700 (PDT)
From: Robert Faulds <frf@xocolatl.com>
Reply-To: Robert Faulds <frf@xocolatl.com>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: systat(1) information leak when security.bsd.see_other_uids=0
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         127048
>Category:       kern
>Synopsis:       systat(1) information leak when security.bsd.see_other_uids=0
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    jilles
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Sep 02 17:40:03 UTC 2008
>Closed-Date:    Mon Apr 14 16:42:15 UTC 2014
>Last-Modified:  Tue Apr 15 01:40:02 UTC 2014
>Originator:     Robert Faulds
>Release:        FreeBSD 7.0-STABLE i386
>Organization:
>Environment:
System: FreeBSD sour.xocolatl.com 7.0-STABLE FreeBSD 7.0-STABLE #29: Tue Aug 5 05:29:58 PDT 2008 root@sour.xocolatl.com:/usr/obj/usr/src/sys/SOUR i386


>Description:
	When security.bsd.see_other_uids=0, systat -net displays all
network connections, not just those of the UID running systat.
>How-To-Repeat:
Set security.bsd.see_other_uids=0
As non-root user, run systat -net and view all sockets. Compare this
with netstat as the same user.
>Fix:
Unknown.... Sorry.
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback 
State-Changed-By: jilles 
State-Changed-When: Sun Apr 13 20:41:07 UTC 2014 
State-Changed-Why:  
I tested this on stable/9 and head (11.0) and it appears to work properly. 

Either this was fixed since 7.0 or there is something special about 
your environment. 

Make sure that /usr/bin/systat does not have setuid/setgid bits set; 
if so, it will read from kernel memory and ignore 
security.bsd.see_other_uids. 

Can you provide more information? 


Responsible-Changed-From-To: freebsd-bugs->jilles 
Responsible-Changed-By: jilles 
Responsible-Changed-When: Sun Apr 13 20:41:07 UTC 2014 
Responsible-Changed-Why:  
Track replies. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=127048 
State-Changed-From-To: feedback->closed 
State-Changed-By: jilles 
State-Changed-When: Mon Apr 14 16:40:59 UTC 2014 
State-Changed-Why:  
The submitter reports the problem was fixed. 
Thanks. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=127048 

From: Mark Linimon <linimon@lonesome.com>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/127048: systat(1) information leak when
 security.bsd.see_other_uids=0
Date: Mon, 14 Apr 2014 20:38:13 -0500

 ----- Forwarded message from Robert Faulds <frf@faulds.net> -----
 
 Date: Mon, 14 Apr 2014 15:51:15 +0200
 From: Robert Faulds <frf@faulds.net>
 To: jilles@FreeBSD.org, freebsd-bugs@FreeBSD.org
 Subject: Re: kern/127048: systat(1) information leak when security.bsd.see_other_uids=0
 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.4.0
 
 This was fixed many years ago.
 Dunno why the bug is still open. I had completely forgotten about it.
 
 Robert
 
 ----- End forwarded message -----
>Unformatted:
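
The check suggested in the audit trail, written out as an added example (not part of the original PR or of FreeBSD's own tooling): it reports the security.bsd.see_other_uids value and whether the systat binary carries setuid/setgid bits. The function names and return codes are assumptions made for this example.

```shell
#!/bin/sh
# Added example: verify the two conditions discussed in this PR.
# Function names and exit codes are hypothetical, chosen for illustration.

# check_setid PATH
# Returns 0 if PATH has neither setuid nor setgid set,
#         1 if either bit is set, 2 if PATH does not exist.
check_setid() {
    bin=$1
    if [ ! -e "$bin" ]; then
        echo "missing: $bin"
        return 2
    fi
    flagged=""
    [ -u "$bin" ] && flagged="setuid"
    [ -g "$bin" ] && flagged="${flagged:+$flagged,}setgid"
    if [ -n "$flagged" ]; then
        # Per the audit trail, a setuid/setgid systat ignores see_other_uids.
        echo "FAIL: $bin has $flagged set ($(ls -l "$bin" | cut -d' ' -f1))"
        return 1
    fi
    echo "ok: $bin has no setuid/setgid bits"
    return 0
}

# Prints the sysctl value, or "unavailable" where the sysctl does not exist
# (for example when this script is run on a non-FreeBSD system).
see_other_uids_value() {
    sysctl -n security.bsd.see_other_uids 2>/dev/null || echo unavailable
}

# audit_systat [PATH]   (PATH defaults to /usr/bin/systat)
audit_systat() {
    echo "security.bsd.see_other_uids=$(see_other_uids_value)"
    check_setid "${1:-/usr/bin/systat}"
}

audit_systat "${1:-/usr/bin/systat}" || true
```

If the binary is clean and the sysctl is 0, the remaining step from How-To-Repeat is to compare systat -net with netstat as the same non-root user.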
