Only allow to use ENVSYS_SETDICTIONARY if the user has write permission

in the /dev/sysmon device.

Use O_RDONLY for ENVSYS_GETDICTIONARY and O_RDWR for ENVSYS_SETDICTIONARY
in envstat(8).

Fixes PR kern/36661 by YAMAMOTO Takashi.

sys/dev/sysmon/sysmon_envsys.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: sysmon_envsys.c,v 1.21 2007/07/16 17:48:52 xtraeme Exp $	*/
+/*	$NetBSD: sysmon_envsys.c,v 1.22 2007/07/17 15:43:08 xtraeme Exp $	*/
 
 /*-
  * Copyright (c) 2007 The NetBSD Foundation, Inc.
@@ -75,12 +75,13 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: sysmon_envsys.c,v 1.21 2007/07/16 17:48:52 xtraeme Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sysmon_envsys.c,v 1.22 2007/07/17 15:43:08 xtraeme Exp $");
 
 #include <sys/param.h>
 #include <sys/types.h>
 #include <sys/conf.h>
 #include <sys/errno.h>
+#include <sys/fcntl.h>
 #include <sys/kernel.h>
 #include <sys/systm.h>
 #include <sys/proc.h>
@@ -250,6 +251,9 @@ sysmonioctl_envsys(dev_t dev, u_long cmd, void *data, int flag, struct lwp *l)
 		prop_object_t obj;
 		const char *devname = NULL;
 
+		if ((flag & FWRITE) == 0)
+			return EPERM;
+
 		/*
 		 * Get dictionary from userland.
 		 */

usr.sbin/envstat/envstat.c

@@ -1,4 +1,4 @@
-/* $NetBSD: envstat.c,v 1.35 2007/07/17 13:12:46 xtraeme Exp $ */
+/* $NetBSD: envstat.c,v 1.36 2007/07/17 15:43:08 xtraeme Exp $ */
 
 /*-
  * Copyright (c) 2007 The NetBSD Foundation, Inc.
@@ -265,6 +265,9 @@ send_dictionary(int fd)
 
 	/* we know the type of the sensor now, release kernel dict */
 	prop_object_release(dict);
+	/* we don't need the rdonly fd */
+	(void)close(fd);
+
 
 	/* 
 	 * part 2: userland dictionary.
@@ -475,6 +478,12 @@ do {									\
 	return error;
 #endif
 
+	if ((fd = open(_PATH_DEV_SYSMON, O_RDWR)) == -1) {
+		error = errno;
+		warnx("%s", strerror(errno));
+		goto out;
+	}
+
 	/* all done? send our dictionary now */
 	error = prop_dictionary_send_ioctl(udict, fd, ENVSYS_SETDICTIONARY);