- change setgid kmem programs (that lend themselves to this) so setegid(getgid())
and the top, and then set the effective gid back to kmem around the call to kvm_openfiles(). this reduces the time group kmem is available. - for those above that also allow this, setgid(getgid()) after the call to kvm_openfiles() to fully revoke priviledges. - some KNF - use err(3) over fprintf(3) in some places
This commit is contained in:
parent
32f519716b
commit
80efe80bc9
19
bin/ps/ps.c
19
bin/ps/ps.c
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: ps.c,v 1.20 1997/09/14 08:57:38 lukem Exp $ */
|
||||
/* $NetBSD: ps.c,v 1.21 1998/07/06 07:50:18 mrg Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright (c) 1990, 1993, 1994
|
||||
@ -43,7 +43,7 @@ __COPYRIGHT("@(#) Copyright (c) 1990, 1993, 1994\n\
|
||||
#if 0
|
||||
static char sccsid[] = "@(#)ps.c 8.4 (Berkeley) 4/2/94";
|
||||
#else
|
||||
__RCSID("$NetBSD: ps.c,v 1.20 1997/09/14 08:57:38 lukem Exp $");
|
||||
__RCSID("$NetBSD: ps.c,v 1.21 1998/07/06 07:50:18 mrg Exp $");
|
||||
#endif
|
||||
#endif /* not lint */
|
||||
|
||||
@ -116,10 +116,12 @@ main(argc, argv)
|
||||
dev_t ttydev;
|
||||
pid_t pid;
|
||||
uid_t uid;
|
||||
gid_t egid = getegid();
|
||||
int all, ch, flag, i, fmt, lineno, nentries;
|
||||
int prtheader, wflag, what, xflg;
|
||||
char *nlistf, *memf, *swapf, errbuf[_POSIX2_LINE_MAX];
|
||||
|
||||
(void)setegid(getgid());
|
||||
if ((ioctl(STDOUT_FILENO, TIOCGWINSZ, (char *)&ws) == -1 &&
|
||||
ioctl(STDERR_FILENO, TIOCGWINSZ, (char *)&ws) == -1 &&
|
||||
ioctl(STDIN_FILENO, TIOCGWINSZ, (char *)&ws) == -1) ||
|
||||
@ -265,16 +267,23 @@ main(argc, argv)
|
||||
}
|
||||
#endif
|
||||
/*
|
||||
* Discard setgid privileges if not the running kernel so that bad
|
||||
* guys can't print interesting stuff from kernel memory.
|
||||
* Discard setgid privileges. If not the running kernel, we toss
|
||||
* them away totally so that bad guys can't print interesting stuff
|
||||
* from kernel memory, otherwise switch back to kmem for the
|
||||
* duration of the kvm_openfiles() call.
|
||||
*/
|
||||
if (nlistf != NULL || memf != NULL || swapf != NULL)
|
||||
setgid(getgid());
|
||||
(void)setgid(getgid());
|
||||
else
|
||||
(void)setegid(egid);
|
||||
|
||||
kd = kvm_openfiles(nlistf, memf, swapf, O_RDONLY, errbuf);
|
||||
if (kd == 0)
|
||||
errx(1, "%s", errbuf);
|
||||
|
||||
if (nlistf == NULL && memf == NULL && swapf == NULL)
|
||||
(void)setgid(getgid());
|
||||
|
||||
if (!fmt)
|
||||
parsefmt(dfmt);
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: ccdconfig.c,v 1.19 1998/02/03 09:13:49 mrg Exp $ */
|
||||
/* $NetBSD: ccdconfig.c,v 1.20 1998/07/06 07:50:19 mrg Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright (c) 1996, 1997 The NetBSD Foundation, Inc.
|
||||
@ -41,7 +41,7 @@
|
||||
__COPYRIGHT(
|
||||
"@(#) Copyright (c) 1996, 1997\
|
||||
The NetBSD Foundation, Inc. All rights reserved.");
|
||||
__RCSID("$NetBSD: ccdconfig.c,v 1.19 1998/02/03 09:13:49 mrg Exp $");
|
||||
__RCSID("$NetBSD: ccdconfig.c,v 1.20 1998/07/06 07:50:19 mrg Exp $");
|
||||
#endif
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -70,7 +70,9 @@ __RCSID("$NetBSD: ccdconfig.c,v 1.19 1998/02/03 09:13:49 mrg Exp $");
|
||||
|
||||
extern char *__progname;
|
||||
|
||||
|
||||
static size_t lineno;
|
||||
static gid_t egid;
|
||||
static int verbose;
|
||||
static char *ccdconf = _PATH_CCDCONF;
|
||||
|
||||
@ -122,6 +124,8 @@ main(argc, argv)
|
||||
{
|
||||
int ch, options = 0, action = CCD_CONFIG;
|
||||
|
||||
egid = getegid();
|
||||
setegid(getgid());
|
||||
while ((ch = getopt(argc, argv, "cCf:gM:N:suUv")) != -1) {
|
||||
switch (ch) {
|
||||
case 'c':
|
||||
@ -179,10 +183,15 @@ main(argc, argv)
|
||||
usage();
|
||||
|
||||
/*
|
||||
* Discard setgid privileges if not the running kernel so that bad
|
||||
* guys can't print interesting stuff from kernel memory.
|
||||
* Discard setgid privileges. If not the running kernel, we toss
|
||||
* them away totally so that bad guys can't print interesting stuff
|
||||
* from kernel memory, otherwise switch back to kmem for the
|
||||
* duration of the kvm_openfiles() call.
|
||||
*
|
||||
* We also do this if we aren't just looking...
|
||||
*/
|
||||
if (core != NULL || kernel != NULL)
|
||||
if (core != NULL || kernel != NULL ||
|
||||
(action != CCD_DUMP && action != CCD_STATS))
|
||||
setgid(getgid());
|
||||
|
||||
switch (action) {
|
||||
@ -335,11 +344,9 @@ do_all(action)
|
||||
char *line, *cp, *vp, **argv;
|
||||
int argc, rval;
|
||||
size_t len;
|
||||
gid_t egid;
|
||||
|
||||
rval = 0;
|
||||
|
||||
egid = getegid();
|
||||
(void)setegid(getgid());
|
||||
if ((f = fopen(ccdconf, "r")) == NULL) {
|
||||
(void)setegid(egid);
|
||||
@ -520,11 +527,13 @@ dump_ccd(argc, argv, action)
|
||||
|
||||
memset(errbuf, 0, sizeof(errbuf));
|
||||
|
||||
(void)setegid(egid);
|
||||
if ((kd = kvm_openfiles(kernel, core, NULL, O_RDONLY,
|
||||
errbuf)) == NULL) {
|
||||
warnx("can't open kvm: %s", errbuf);
|
||||
return (1);
|
||||
}
|
||||
(void)setgid(getgid());
|
||||
|
||||
if (kvm_nlist(kd, nl))
|
||||
KVM_ABORT(kd, "ccd-related symbols not available");
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: fstat.c,v 1.25 1998/07/03 15:49:25 msaitoh Exp $ */
|
||||
/* $NetBSD: fstat.c,v 1.26 1998/07/06 07:50:19 mrg Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright (c) 1988, 1993
|
||||
@ -43,7 +43,7 @@ __COPYRIGHT("@(#) Copyright (c) 1988, 1993\n\
|
||||
#if 0
|
||||
static char sccsid[] = "@(#)fstat.c 8.3 (Berkeley) 5/2/95";
|
||||
#else
|
||||
__RCSID("$NetBSD: fstat.c,v 1.25 1998/07/03 15:49:25 msaitoh Exp $");
|
||||
__RCSID("$NetBSD: fstat.c,v 1.26 1998/07/06 07:50:19 mrg Exp $");
|
||||
#endif
|
||||
#endif /* not lint */
|
||||
|
||||
@ -171,7 +171,9 @@ main(argc, argv)
|
||||
char *memf, *nlistf;
|
||||
char buf[_POSIX2_LINE_MAX];
|
||||
int cnt;
|
||||
gid_t egid = getegid();
|
||||
|
||||
(void)setegid(getgid());
|
||||
arg = 0;
|
||||
what = KERN_PROC_ALL;
|
||||
nlistf = memf = NULL;
|
||||
@ -238,16 +240,23 @@ main(argc, argv)
|
||||
}
|
||||
|
||||
/*
|
||||
* Discard setgid privileges if not the running kernel so that bad
|
||||
* guys can't print interesting stuff from kernel memory.
|
||||
* Discard setgid privileges. If not the running kernel, we toss
|
||||
* them away totally so that bad guys can't print interesting stuff
|
||||
* from kernel memory, otherwise switch back to kmem for the
|
||||
* duration of the kvm_openfiles() call.
|
||||
*/
|
||||
if (nlistf != NULL || memf != NULL)
|
||||
setgid(getgid());
|
||||
(void)setgid(getgid());
|
||||
else
|
||||
(void)setegid(egid);
|
||||
|
||||
if ((kd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, buf)) == NULL)
|
||||
errx(1, "%s", buf);
|
||||
|
||||
/* get rid of it now anyway */
|
||||
if (nlistf == NULL && memf == NULL)
|
||||
(void)setgid(getgid());
|
||||
|
||||
if ((kd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, buf)) == NULL) {
|
||||
fprintf(stderr, "fstat: %s\n", buf);
|
||||
exit(1);
|
||||
}
|
||||
#ifdef notdef
|
||||
if (kvm_nlist(kd, nl) != 0) {
|
||||
fprintf(stderr, "fstat: no namelist: %s\n", kvm_geterr(kd));
|
||||
@ -744,7 +753,7 @@ getinetproto(number)
|
||||
{
|
||||
char *cp;
|
||||
|
||||
switch(number) {
|
||||
switch (number) {
|
||||
case IPPROTO_IP:
|
||||
cp = "ip"; break;
|
||||
case IPPROTO_ICMP:
|
||||
@ -797,6 +806,7 @@ getfname(filename)
|
||||
void
|
||||
usage()
|
||||
{
|
||||
|
||||
(void)fprintf(stderr,
|
||||
"usage: fstat [-fnv] [-p pid] [-u user] [-N system] [-M core] [file ...]\n");
|
||||
exit(1);
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: ipcs.c,v 1.15 1998/04/01 21:10:30 kleink Exp $ */
|
||||
/* $NetBSD: ipcs.c,v 1.16 1998/07/06 07:50:19 mrg Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1994 SigmaSoft, Th. Lockert <tholo@sigmasoft.com>
|
||||
@ -143,6 +143,7 @@ main(argc, argv)
|
||||
char *core = NULL, *namelist = NULL;
|
||||
char errbuf[_POSIX2_LINE_MAX];
|
||||
int i;
|
||||
gid_t egid = getegid();
|
||||
|
||||
while ((i = getopt(argc, argv, "MmQqSsabC:cN:optT")) != -1)
|
||||
switch (i) {
|
||||
@ -196,16 +197,24 @@ main(argc, argv)
|
||||
}
|
||||
|
||||
/*
|
||||
* Discard setgid privelidges if not the running kernel so that
|
||||
* bad guys can't print interesting stuff from kernel memory.
|
||||
* Discard setgid privileges. If not the running kernel, we toss
|
||||
* them away totally so that bad guys can't print interesting stuff
|
||||
* from kernel memory, otherwise switch back to kmem for the
|
||||
* duration of the kvm_openfiles() call.
|
||||
*/
|
||||
if (namelist != NULL || core != NULL)
|
||||
setgid(getgid());
|
||||
(void)setgid(getgid());
|
||||
else
|
||||
(void)setegid(egid);
|
||||
|
||||
if ((kd = kvm_openfiles(namelist, core, NULL, O_RDONLY,
|
||||
errbuf)) == NULL)
|
||||
errx(1, "can't open kvm: %s", errbuf);
|
||||
|
||||
/* get rid of it now anyway */
|
||||
if (namelist == NULL && core == NULL)
|
||||
(void)setgid(getgid());
|
||||
|
||||
switch (kvm_nlist(kd, symbols)) {
|
||||
case 0:
|
||||
break;
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: main.c,v 1.14 1998/06/03 02:41:11 thorpej Exp $ */
|
||||
/* $NetBSD: main.c,v 1.15 1998/07/06 07:50:19 mrg Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1983, 1988, 1993
|
||||
@ -43,7 +43,7 @@ __COPYRIGHT("@(#) Copyright (c) 1983, 1988, 1993\n\
|
||||
#if 0
|
||||
static char sccsid[] = "from: @(#)main.c 8.4 (Berkeley) 3/1/94";
|
||||
#else
|
||||
__RCSID("$NetBSD: main.c,v 1.14 1998/06/03 02:41:11 thorpej Exp $");
|
||||
__RCSID("$NetBSD: main.c,v 1.15 1998/07/06 07:50:19 mrg Exp $");
|
||||
#endif
|
||||
#endif /* not lint */
|
||||
|
||||
@ -55,6 +55,7 @@ __RCSID("$NetBSD: main.c,v 1.14 1998/06/03 02:41:11 thorpej Exp $");
|
||||
#include <netinet/in.h>
|
||||
|
||||
#include <ctype.h>
|
||||
#include <err.h>
|
||||
#include <errno.h>
|
||||
#include <kvm.h>
|
||||
#include <limits.h>
|
||||
@ -225,7 +226,9 @@ main(argc, argv)
|
||||
char *nlistf = NULL, *memf = NULL;
|
||||
char buf[_POSIX2_LINE_MAX], *cp;
|
||||
u_long pcbaddr;
|
||||
gid_t egid = getegid();
|
||||
|
||||
(void)setegid(getgid());
|
||||
tp = NULL;
|
||||
af = AF_UNSPEC;
|
||||
pcbaddr = 0;
|
||||
@ -345,17 +348,23 @@ main(argc, argv)
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Discard setgid privileges if not the running kernel so that bad
|
||||
* guys can't print interesting stuff from kernel memory.
|
||||
* Discard setgid privileges. If not the running kernel, we toss
|
||||
* them away totally so that bad guys can't print interesting stuff
|
||||
* from kernel memory, otherwise switch back to kmem for the
|
||||
* duration of the kvm_openfiles() call.
|
||||
*/
|
||||
if (nlistf != NULL || memf != NULL)
|
||||
setgid(getgid());
|
||||
(void)setgid(getgid());
|
||||
else
|
||||
(void)setegid(egid);
|
||||
|
||||
if ((kvmd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY,
|
||||
buf)) == NULL) {
|
||||
fprintf(stderr, "%s: kvm_open: %s\n", __progname, buf);
|
||||
exit(1);
|
||||
}
|
||||
buf)) == NULL)
|
||||
errx(1, "%s", buf);
|
||||
|
||||
if (nlistf == NULL && memf == NULL)
|
||||
(void)setgid(getgid());
|
||||
|
||||
if (kvm_nlist(kvmd, nl) < 0 || nl[0].n_type == 0) {
|
||||
if (nlistf)
|
||||
fprintf(stderr, "%s: %s: no namelist\n", __progname,
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: nfsstat.c,v 1.13 1998/07/05 08:15:16 mrg Exp $ */
|
||||
/* $NetBSD: nfsstat.c,v 1.14 1998/07/06 07:50:20 mrg Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1983, 1989, 1993
|
||||
@ -46,7 +46,7 @@ __COPYRIGHT("@(#) Copyright (c) 1983, 1989, 1993\n\
|
||||
#if 0
|
||||
static char sccsid[] = "from: @(#)nfsstat.c 8.1 (Berkeley) 6/6/93";
|
||||
#else
|
||||
__RCSID("$NetBSD: nfsstat.c,v 1.13 1998/07/05 08:15:16 mrg Exp $");
|
||||
__RCSID("$NetBSD: nfsstat.c,v 1.14 1998/07/06 07:50:20 mrg Exp $");
|
||||
#endif
|
||||
#endif /* not lint */
|
||||
|
||||
@ -99,7 +99,9 @@ main(argc, argv)
|
||||
int ch;
|
||||
char *memf, *nlistf;
|
||||
char errbuf[_POSIX2_LINE_MAX];
|
||||
gid_t egid = getegid();
|
||||
|
||||
(void)setegid(getgid());
|
||||
interval = 0;
|
||||
memf = nlistf = NULL;
|
||||
printall = 1;
|
||||
@ -141,15 +143,23 @@ main(argc, argv)
|
||||
}
|
||||
#endif
|
||||
/*
|
||||
* Discard setgid privileges if not the running kernel so that bad
|
||||
* guys can't print interesting stuff from kernel memory.
|
||||
* Discard setgid privileges. If not the running kernel, we toss
|
||||
* them away totally so that bad guys can't print interesting stuff
|
||||
* from kernel memory, otherwise switch back to kmem for the
|
||||
* duration of the kvm_openfiles() call.
|
||||
*/
|
||||
if (nlistf != NULL || memf != NULL)
|
||||
setgid(getgid());
|
||||
(void)setgid(getgid());
|
||||
else
|
||||
(void)setegid(egid);
|
||||
|
||||
if ((kd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, errbuf)) == 0)
|
||||
errx(1, "kvm_openfiles: %s", errbuf);
|
||||
setgid(getgid()); /* do this now anyway */
|
||||
|
||||
/* get rid of it now anyway */
|
||||
if (nlistf == NULL && memf == NULL)
|
||||
(void)setgid(getgid());
|
||||
|
||||
if (kvm_nlist(kd, nl) != 0)
|
||||
errx(1, "kvm_nlist: can't get names");
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: dkstats.c,v 1.3 1998/07/05 08:02:34 mrg Exp $ */
|
||||
/* $NetBSD: dkstats.c,v 1.4 1998/07/06 07:50:20 mrg Exp $ */
|
||||
|
||||
/*
|
||||
* Copyright (c) 1996 John M. Vinopal
|
||||
@ -191,6 +191,9 @@ dkinit(select)
|
||||
if ((kd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, errbuf)) == NULL)
|
||||
errx(1, "kvm_openfiles: %s", errbuf);
|
||||
|
||||
/* we are finished with privs now */
|
||||
(void)setgid(getgid());
|
||||
|
||||
/* Obtain the namelist symbols from the kernel. */
|
||||
if (kvm_nlist(kd, namelist))
|
||||
KVM_ERROR("kvm_nlist failed to read symbols.");
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: vmstat.c,v 1.47 1998/07/05 08:02:34 mrg Exp $ */
|
||||
/* $NetBSD: vmstat.c,v 1.48 1998/07/06 07:50:20 mrg Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright (c) 1998 The NetBSD Foundation, Inc.
|
||||
@ -80,7 +80,7 @@ __COPYRIGHT("@(#) Copyright (c) 1980, 1986, 1991, 1993\n\
|
||||
#if 0
|
||||
static char sccsid[] = "@(#)vmstat.c 8.2 (Berkeley) 3/1/95";
|
||||
#else
|
||||
__RCSID("$NetBSD: vmstat.c,v 1.47 1998/07/05 08:02:34 mrg Exp $");
|
||||
__RCSID("$NetBSD: vmstat.c,v 1.48 1998/07/06 07:50:20 mrg Exp $");
|
||||
#endif
|
||||
#endif /* not lint */
|
||||
|
||||
@ -224,10 +224,12 @@ main(argc, argv)
|
||||
u_int interval;
|
||||
int reps;
|
||||
char errbuf[_POSIX2_LINE_MAX];
|
||||
gid_t egid = getegid();
|
||||
#if defined(UVM)
|
||||
const char *histname = NULL;
|
||||
#endif
|
||||
|
||||
(void)setegid(getgid());
|
||||
memf = nlistf = NULL;
|
||||
interval = reps = todo = 0;
|
||||
#if defined(UVM)
|
||||
@ -285,17 +287,25 @@ main(argc, argv)
|
||||
todo = VMSTAT;
|
||||
|
||||
/*
|
||||
* Discard setgid privileges if not the running kernel so that bad
|
||||
* guys can't print interesting stuff from kernel memory.
|
||||
* Discard setgid privileges. If not the running kernel, we toss
|
||||
* them away totally so that bad guys can't print interesting stuff
|
||||
* from kernel memory, otherwise switch back to kmem for the
|
||||
* duration of the kvm_openfiles() call.
|
||||
*/
|
||||
if (nlistf != NULL || memf != NULL)
|
||||
setgid(getgid());
|
||||
(void)setgid(getgid());
|
||||
else
|
||||
(void)setegid(egid);
|
||||
|
||||
kd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, errbuf);
|
||||
if (kd == 0) {
|
||||
(void)fprintf(stderr,
|
||||
"vmstat: kvm_openfiles: %s\n", errbuf);
|
||||
exit(1);
|
||||
if (kd == 0)
|
||||
errx(1, "kvm_openfiles: %s\n", errbuf);
|
||||
|
||||
if (nlistf == NULL && memf == NULL) {
|
||||
if (todo & VMSTAT)
|
||||
(void)setegid(getgid()); /* XXX: dkinit */
|
||||
else
|
||||
(void)setgid(getgid());
|
||||
}
|
||||
|
||||
if ((c = kvm_nlist(kd, namelist)) != 0) {
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: w.c,v 1.29 1998/07/06 06:56:43 mrg Exp $ */
|
||||
/* $NetBSD: w.c,v 1.30 1998/07/06 07:50:20 mrg Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright (c) 1980, 1991, 1993, 1994
|
||||
@ -43,7 +43,7 @@ __COPYRIGHT("@(#) Copyright (c) 1980, 1991, 1993, 1994\n\
|
||||
#if 0
|
||||
static char sccsid[] = "@(#)w.c 8.6 (Berkeley) 6/30/94";
|
||||
#else
|
||||
__RCSID("$NetBSD: w.c,v 1.29 1998/07/06 06:56:43 mrg Exp $");
|
||||
__RCSID("$NetBSD: w.c,v 1.30 1998/07/06 07:50:20 mrg Exp $");
|
||||
#endif
|
||||
#endif /* not lint */
|
||||
|
||||
@ -130,9 +130,12 @@ main(argc, argv)
|
||||
FILE *ut;
|
||||
struct in_addr l;
|
||||
int ch, i, nentries, nusers, wcmd;
|
||||
gid_t egid = getegid();
|
||||
char *memf, *nlistf, *p, *x;
|
||||
char buf[MAXHOSTNAMELEN], errbuf[_POSIX2_LINE_MAX];
|
||||
|
||||
(void)setegid(getgid());
|
||||
|
||||
/* Are we w(1) or uptime(1)? */
|
||||
p = __progname;
|
||||
if (*p == '-')
|
||||
@ -175,15 +178,23 @@ main(argc, argv)
|
||||
argv += optind;
|
||||
|
||||
/*
|
||||
* Discard setgid privelidges if not the running kernel so that
|
||||
* bad guys can't print interesting stuff from kernel memory.
|
||||
* Discard setgid privileges. If not the running kernel, we toss
|
||||
* them away totally so that bad guys can't print interesting stuff
|
||||
* from kernel memory, otherwise switch back to kmem for the
|
||||
* duration of the kvm_openfiles() call.
|
||||
*/
|
||||
if (nlistf != NULL || memf != NULL)
|
||||
setgid(getgid());
|
||||
(void)setgid(getgid());
|
||||
else
|
||||
(void)setegid(egid);
|
||||
|
||||
if ((kd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, errbuf)) == NULL)
|
||||
if ((kd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, buf)) == NULL)
|
||||
errx(1, "%s", errbuf);
|
||||
|
||||
/* get rid of it now anyway */
|
||||
if (nlistf == NULL && memf == NULL)
|
||||
(void)setgid(getgid());
|
||||
|
||||
(void)time(&now);
|
||||
if ((ut = fopen(_PATH_UTMP, "r")) == NULL)
|
||||
err(1, "%s", _PATH_UTMP);
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: slstats.c,v 1.10 1997/10/18 11:38:26 lukem Exp $ */
|
||||
/* $NetBSD: slstats.c,v 1.11 1998/07/06 07:50:20 mrg Exp $ */
|
||||
|
||||
/*
|
||||
* print serial line IP statistics:
|
||||
@ -25,7 +25,7 @@
|
||||
|
||||
#include <sys/cdefs.h>
|
||||
#ifndef lint
|
||||
__RCSID("$NetBSD: slstats.c,v 1.10 1997/10/18 11:38:26 lukem Exp $");
|
||||
__RCSID("$NetBSD: slstats.c,v 1.11 1998/07/06 07:50:20 mrg Exp $");
|
||||
#endif
|
||||
|
||||
#define INET
|
||||
@ -87,8 +87,10 @@ main(argc, argv)
|
||||
char *argv[];
|
||||
{
|
||||
char errbuf[_POSIX2_LINE_MAX];
|
||||
gid_t egid = getegid();
|
||||
int ch;
|
||||
|
||||
setegid(getgid());
|
||||
while ((ch = getopt(argc, argv, "i:M:N:v")) != -1) {
|
||||
switch (ch) {
|
||||
case 'i':
|
||||
@ -132,16 +134,24 @@ main(argc, argv)
|
||||
}
|
||||
|
||||
/*
|
||||
* Discard setgid privileges if not the running kernel so that bad
|
||||
* guys can't print interesting stuff from kernel memory.
|
||||
* Discard setgid privileges. If not the running kernel, we toss
|
||||
* them away totally so that bad guys can't print interesting stuff
|
||||
* from kernel memory, otherwise switch back to kmem for the
|
||||
* duration of the kvm_openfiles() call.
|
||||
*/
|
||||
if (kmemf != NULL || kernel != NULL)
|
||||
setgid(getgid());
|
||||
(void)setgid(getgid());
|
||||
else
|
||||
(void)setegid(egid);
|
||||
|
||||
memset(errbuf, 0, sizeof(errbuf));
|
||||
if ((kd = kvm_openfiles(kernel, kmemf, NULL, O_RDONLY, errbuf)) == NULL)
|
||||
errx(1, "can't open kvm: %s", errbuf);
|
||||
|
||||
/* get rid of it now anyway */
|
||||
if (kmemf == NULL && kernel == NULL)
|
||||
setgid(getgid());
|
||||
|
||||
if (kvm_nlist(kd, nl) < 0 || nl[0].n_type == 0)
|
||||
errx(1, "%s: SLIP symbols not in namelist",
|
||||
kernel == NULL ? _PATH_UNIX : kernel);
|
||||
@ -157,7 +167,7 @@ void
|
||||
usage()
|
||||
{
|
||||
|
||||
fprintf(stderr, "usage: %s [-M core] [-N system] [-i interval] %s",
|
||||
(void)fprintf(stderr, "usage: %s [-M core] [-N system] [-i interval] %s",
|
||||
__progname, "[-v] [unit]\n");
|
||||
exit(1);
|
||||
}
|
||||
@ -192,47 +202,46 @@ intpr()
|
||||
(void)alarm(interval);
|
||||
|
||||
if ((line % 20) == 0) {
|
||||
printf("%8.8s %6.6s %6.6s %6.6s %6.6s",
|
||||
(void)printf("%8.8s %6.6s %6.6s %6.6s %6.6s",
|
||||
"IN", "PACK", "COMP", "UNCOMP", "ERR");
|
||||
if (vflag)
|
||||
printf(" %6.6s %6.6s", "TOSS", "IP");
|
||||
printf(" | %8.8s %6.6s %6.6s %6.6s %6.6s",
|
||||
(void)printf(" | %8.8s %6.6s %6.6s %6.6s %6.6s",
|
||||
"OUT", "PACK", "COMP", "UNCOMP", "IP");
|
||||
if (vflag)
|
||||
printf(" %6.6s %6.6s", "SEARCH", "MISS");
|
||||
putchar('\n');
|
||||
(void)printf(" %6.6s %6.6s", "SEARCH", "MISS");
|
||||
(void)putchar('\n');
|
||||
}
|
||||
printf("%8lu %6ld %6u %6u %6u",
|
||||
(void)printf("%8lu %6ld %6u %6u %6u",
|
||||
V(sc_if.if_ibytes),
|
||||
(long)V(sc_if.if_ipackets),
|
||||
V(sc_comp.sls_compressedin),
|
||||
V(sc_comp.sls_uncompressedin),
|
||||
V(sc_comp.sls_errorin));
|
||||
if (vflag)
|
||||
printf(" %6u %6lu",
|
||||
(void)printf(" %6u %6lu",
|
||||
V(sc_comp.sls_tossed),
|
||||
V(sc_if.if_ipackets) -
|
||||
V(sc_comp.sls_compressedin) -
|
||||
V(sc_comp.sls_uncompressedin) -
|
||||
V(sc_comp.sls_errorin));
|
||||
printf(" | %8lu %6ld %6u %6u %6lu",
|
||||
(void)printf(" | %8lu %6ld %6u %6u %6lu",
|
||||
V(sc_if.if_obytes),
|
||||
V(sc_if.if_opackets),
|
||||
V(sc_comp.sls_compressed),
|
||||
V(sc_comp.sls_packets) - V(sc_comp.sls_compressed),
|
||||
V(sc_if.if_opackets) - V(sc_comp.sls_packets));
|
||||
if (vflag)
|
||||
printf(" %6u %6u",
|
||||
(void)printf(" %6u %6u",
|
||||
V(sc_comp.sls_searches),
|
||||
V(sc_comp.sls_misses));
|
||||
|
||||
putchar('\n');
|
||||
(void)putchar('\n');
|
||||
fflush(stdout);
|
||||
line++;
|
||||
oldmask = sigblock(sigmask(SIGALRM));
|
||||
if (! signalled) {
|
||||
if (!signalled)
|
||||
sigpause(0);
|
||||
}
|
||||
sigsetmask(oldmask);
|
||||
signalled = 0;
|
||||
(void)alarm(interval);
|
||||
@ -248,5 +257,6 @@ void
|
||||
catchalarm(dummy)
|
||||
int dummy;
|
||||
{
|
||||
|
||||
signalled = 1;
|
||||
}
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: trpt.c,v 1.7 1997/07/23 16:41:43 thorpej Exp $ */
|
||||
/* $NetBSD: trpt.c,v 1.8 1998/07/06 07:50:20 mrg Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright (c) 1997 The NetBSD Foundation, Inc.
|
||||
@ -81,7 +81,7 @@ __COPYRIGHT(
|
||||
#if 0
|
||||
static char sccsid[] = "@(#)trpt.c 8.1 (Berkeley) 6/6/93";
|
||||
#else
|
||||
__RCSID("$NetBSD: trpt.c,v 1.7 1997/07/23 16:41:43 thorpej Exp $");
|
||||
__RCSID("$NetBSD: trpt.c,v 1.8 1998/07/06 07:50:20 mrg Exp $");
|
||||
#endif
|
||||
#endif /* not lint */
|
||||
|
||||
@ -154,7 +154,9 @@ main(argc, argv)
|
||||
{
|
||||
int ch, i, jflag, npcbs;
|
||||
char *system, *core, *cp, errbuf[_POSIX2_LINE_MAX];
|
||||
gid_t egid = getegid();
|
||||
|
||||
(void)setegid(getgid());
|
||||
system = core = NULL;
|
||||
|
||||
jflag = npcbs = 0;
|
||||
@ -203,16 +205,24 @@ main(argc, argv)
|
||||
usage();
|
||||
|
||||
/*
|
||||
* Discard setgid privileged if not the running kernel so that bad
|
||||
* guys can't print interesting stuff from kernel memory.
|
||||
* Discard setgid privileges. If not the running kernel, we toss
|
||||
* them away totally so that bad guys can't print interesting stuff
|
||||
* from kernel memory, otherwise switch back to kmem for the
|
||||
* duration of the kvm_openfiles() call.
|
||||
*/
|
||||
if (core != NULL || system != NULL)
|
||||
setgid(getgid());
|
||||
else
|
||||
setegid(egid);
|
||||
|
||||
kd = kvm_openfiles(system, core, NULL, O_RDONLY, errbuf);
|
||||
if (kd == NULL)
|
||||
errx(1, "can't open kmem: %s", errbuf);
|
||||
|
||||
/* get rid of it now anyway */
|
||||
if (core == NULL && system == NULL)
|
||||
setgid(getgid());
|
||||
|
||||
if (kvm_nlist(kd, nl))
|
||||
errx(2, "%s: no namelist", system ? system : _PATH_UNIX);
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
/* $NetBSD: trsp.c,v 1.4 1997/07/23 18:20:49 thorpej Exp $ */
|
||||
/* $NetBSD: trsp.c,v 1.5 1998/07/06 07:50:21 mrg Exp $ */
|
||||
|
||||
/*-
|
||||
* Copyright (c) 1997 The NetBSD Foundation, Inc.
|
||||
@ -81,7 +81,7 @@ __COPYRIGHT(
|
||||
#if 0
|
||||
static char sccsid[] = "@(#)trsp.c 8.1 (Berkeley) 6/6/93";
|
||||
#else
|
||||
__RCSID("$NetBSD: trsp.c,v 1.4 1997/07/23 18:20:49 thorpej Exp $");
|
||||
__RCSID("$NetBSD: trsp.c,v 1.5 1998/07/06 07:50:21 mrg Exp $");
|
||||
#endif
|
||||
#endif /* not lint */
|
||||
|
||||
@ -159,7 +159,9 @@ main(argc, argv)
|
||||
{
|
||||
int ch, i, npcbs = 0;
|
||||
char *system, *core, *cp, errbuf[_POSIX2_LINE_MAX];
|
||||
gid_t egid = getegid();
|
||||
|
||||
(void)setegid(getgid());
|
||||
system = core = NULL;
|
||||
|
||||
while ((ch = getopt(argc, argv, "azstjp:N:M:")) != -1) {
|
||||
@ -209,12 +211,18 @@ main(argc, argv)
|
||||
*/
|
||||
if (core != NULL || system != NULL)
|
||||
setgid(getgid());
|
||||
else
|
||||
setegid(egid);
|
||||
|
||||
kd = kvm_openfiles(system, core, NULL, zflag ? O_RDWR : O_RDONLY,
|
||||
errbuf);
|
||||
if (kd == NULL)
|
||||
errx(1, "can't open kmem: %s", errbuf);
|
||||
|
||||
/* get rid of it now anyway */
|
||||
if (core == NULL && system == NULL)
|
||||
setgid(getgid());
|
||||
|
||||
if (kvm_nlist(kd, nl))
|
||||
errx(2, "%s: no namelist", system ? system : _PATH_UNIX);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user