diff options
| author |   uebayasi <uebayasi@openbsd.org> | 2014-12-05 04:35:08 +0000 |
|---|---|---|
| committer | uebayasi <uebayasi@openbsd.org> | 2014-12-05 04:35:08 +0000 |
| commit | 747ce49b4e26209a3aaa0d97a22da672c758f04e (patch) | |
| tree | ac3adc324dd9223d008c7172d11360d324a04a2e | |
| parent | Introduce a new sysctl to retrieve VM map entries (diff) | |
| download | wireguard-openbsd-747ce49b4e26209a3aaa0d97a22da672c758f04e.tar.xz wireguard-openbsd-747ce49b4e26209a3aaa0d97a22da672c758f04e.zip | |
Allow only root to use KERN_PROC_VMMAP until it is really proven safe.
OK deraadt@
| -rw-r--r-- | sys/kern/kern_sysctl.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/sys/kern/kern_sysctl.c b/sys/kern/kern_sysctl.c index b0bb84e35cd..df63db8649c 100644 --- a/sys/kern/kern_sysctl.c +++ b/sys/kern/kern_sysctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_sysctl.c,v 1.273 2014/12/05 04:12:48 uebayasi Exp $ */ +/* $OpenBSD: kern_sysctl.c,v 1.274 2014/12/05 04:35:08 uebayasi Exp $ */ /* $NetBSD: kern_sysctl.c,v 1.17 1996/05/20 17:49:05 mrg Exp $ */ /*- @@ -1877,6 +1877,11 @@ sysctl_proc_vmmap(int *name, u_int namelen, void *oldp, size_t *oldlenp, pid = name[0]; if (pid > 0) { +#if 1 + /* XXX Allow only root for now */ + if ((error = suser(cp, 0)) != 0) + return (error); +#endif if ((findpr = prfind(pid)) == NULL) return (ESRCH); |