From smkelly@zombie.org  Tue Aug 27 02:34:10 2002
Return-Path: <smkelly@zombie.org>
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 6812237B400; Tue, 27 Aug 2002 02:34:10 -0700 (PDT)
Received: from edgemaster.zombie.org (dhcp039-230.creighton.edu [147.134.39.230])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id E579443E3B; Tue, 27 Aug 2002 02:34:09 -0700 (PDT)
	(envelope-from smkelly@zombie.org)
Received: by edgemaster.zombie.org (Postfix, from userid 1001)
	id 5986F66B04; Tue, 27 Aug 2002 04:34:04 -0500 (CDT)
Message-Id: <20020827093404.5986F66B04@edgemaster.zombie.org>
Date: Tue, 27 Aug 2002 04:34:04 -0500 (CDT)
From: Sean Kelly <smkelly@zombie.org>
Reply-To: Sean Kelly <smkelly@zombie.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc: des@FreeBSD.org, nugget@slacker.com
Subject: kern.ps_showallprocs has no effect on /proc
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         42065
>Category:       kern
>Synopsis:       [kernel] [patch] kern.ps_showallprocs has no effect on /proc
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Tue Aug 27 02:40:01 PDT 2002
>Closed-Date:    Fri Jul 27 00:17:44 GMT 2007
>Last-Modified:  Fri Jul 27 00:17:44 GMT 2007
>Originator:     Sean Kelly
>Release:        FreeBSD 4.6-STABLE i386
>Organization:
>Environment:
System: FreeBSD edgemaster.zombie.org 4.6-STABLE FreeBSD 4.6-STABLE #3: Tue Aug 27 02:56:03 CDT 2002 root@edgemaster.zombie.org:/usr/obj/usr/src/sys/EDGEMASTER i386


	
>Description:
	When using the 'kern.ps_showallprocs' sysctl, the administrator can
	hide processes that don't belong to users if they don't own said
	processes. Unfortunately, /proc doesn't follow this sysctl and
	continues displaying all processes. This makes the sysctl useless if
	the /proc filesystem is necessary or desired.

>How-To-Repeat:
	# sysctl kern.ps_showallprocs=0
	$ ps ax
	$ ls /proc

>Fix:
	I have written a patch to allow /proc to take advantage of this
	sysctl. The patch was also reviewed by jeff@FreeBSD.org. All testing
	shows that it seems to work fine. The patch merely modifies the
	procfs_lookup() and procfs_readdir() functions.

Reviewed by: jeff

diff -ru sys.orig/kern/kern_proc.c sys/kern/kern_proc.c
--- sys.orig/kern/kern_proc.c	Tue May  1 08:39:06 2001
+++ sys/kern/kern_proc.c	Tue Aug 27 02:30:53 2002
@@ -55,7 +55,7 @@
 static MALLOC_DEFINE(M_PROC, "proc", "Proc structures");
 MALLOC_DEFINE(M_SUBPROC, "subproc", "Proc sub-structures");
 
-static int ps_showallprocs = 1;
+int ps_showallprocs = 1;
 SYSCTL_INT(_kern, OID_AUTO, ps_showallprocs, CTLFLAG_RW,
     &ps_showallprocs, 0, "");
 
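
Review bot: Dropping `static` from `ps_showallprocs` turns a policy knob into a kernel-wide global that any file including proc.h can read or write, and the `SYSCTL_INT` right below it still has an empty description string (""). Consider keeping the variable private to kern_proc.c and exporting a small predicate that takes the caller's credential and the target process, and fill in the description now that the setting also governs /proc.
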
diff -ru sys.orig/miscfs/procfs/procfs_vnops.c sys/miscfs/procfs/procfs_vnops.c
--- sys.orig/miscfs/procfs/procfs_vnops.c	Tue Jan 22 11:22:59 2002
+++ sys/miscfs/procfs/procfs_vnops.c	Tue Aug 27 04:25:39 2002
@@ -734,6 +734,10 @@
 		if (p == NULL)
 			break;
 
+		if (ps_showallprocs == 0 && ap->a_cnp->cn_cred->cr_uid != 0 &&
+		    ap->a_cnp->cn_cred->cr_uid != p->p_cred->pc_ucred->cr_uid)
+			break;
+
 		return (procfs_allocvp(dvp->v_mount, vpp, pid, Pproc));
 
 	case Pproc:
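
Review bot: The added test before `procfs_allocvp()` open-codes the privileged bypass as `cr_uid != 0` and carries no comment. A one-line comment should say that a hidden pid deliberately leaves through the same `break` as the `p == NULL` case, so that a hidden process and a nonexistent one take the same exit, and the literal uid 0 comparison would be better expressed through the kernel's superuser check so that the bypass rule lives in one place.
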
@@ -744,6 +748,10 @@
 		if (p == NULL)
 			break;
 
+		if (ps_showallprocs == 0 && ap->a_cnp->cn_cred->cr_uid != 0 &&
+		    ap->a_cnp->cn_cred->cr_uid != p->p_cred->pc_ucred->cr_uid)
+			break;
+
 		for (pt = proc_targets, i = 0; i < nproc_targets; pt++, i++) {
 			if (cnp->cn_namelen == pt->pt_namlen &&
 			    bcmp(pt->pt_name, pname, cnp->cn_namelen) == 0 &&
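
Review bot: The added condition reaches the credential through `ap->a_cnp->cn_cred` while the loop directly below it already uses the local `cnp` (`cnp->cn_namelen`); use `cnp->cn_cred` for consistency. This is also a verbatim copy of the condition added in the previous hunk, so a shared helper or macro would keep the two lookup cases from drifting apart.
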
@@ -899,6 +907,16 @@
 					if (!p)
 						goto done;
 				}
+				if (ps_showallprocs == 0 && 
+				    ap->a_cred->cr_uid != 0 &&
+				    ap->a_cred->cr_uid !=
+				    p->p_cred->pc_ucred->cr_uid) {
+					p = p->p_list.le_next;
+					if (!p)
+						goto done;
+					break;
+				}
+
 				dp->d_fileno = PROCFS_FILENO(p->p_pid, Pproc);
 				dp->d_namlen = sprintf(dp->d_name, "%ld",
 				    (long)p->p_pid);
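
Review bot: In the added block, the hidden-process branch advances `p` once and then hits `break` before `dp->d_fileno` and `dp->d_name` are set, so this slot's `dp` is left unfilled and the process that `p` now points at has not been checked on this pass. If the code after the enclosing construct (not visible in this hunk) copies `dp` out, the caller receives a nameless entry for each hidden process. Consider a loop that keeps advancing `p` while the condition holds (with the same `goto done` at the end of the list) and then falls through to fill in `dp`. The first added line also ends in trailing whitespace after `&&`.
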
diff -ru sys.orig/sys/proc.h sys/sys/proc.h
--- sys.orig/sys/proc.h	Thu Jan 31 12:40:29 2002
+++ sys/sys/proc.h	Tue Aug 27 02:29:45 2002
@@ -415,6 +415,7 @@
 
 extern	u_long ps_arg_cache_limit;
 extern	int ps_argsopen;
+extern	int ps_showallprocs;
 
 struct proc *pfind __P((pid_t));	/* Find process by id. */
 struct pgrp *pgfind __P((pid_t));	/* Find process group by id. */


>Release-Note:
>Audit-Trail:

From: Björn König <bkoenig@alpha-tierchen.de>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/42065: [kernel] [patch] kern.ps_showallprocs has no 
     effect on /proc
Date: Thu, 26 Jul 2007 22:14:13 +0200 (CEST)

 This PR is obsolete. Please close it.
 
 kern.ps_showallprocs has been replaced by security.bsd.see_other_* and
 procfs works as intended by the originator of this PR.
 
State-Changed-From-To: open->closed 
State-Changed-By: linimon 
State-Changed-When: Fri Jul 27 00:17:12 UTC 2007 
State-Changed-Why:  
Followup notes that this has been fixed. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=42065 
>Unformatted:
