On Tuesday 15 November 2005 02:08, Peter Chubb wrote:
> >> You need to wrap this with a read_lock(&tasklist_lock) to be safe,
> >> I think.
>
> Claudio> Right. Probably this was the meaning also of Hua's
> Claudio> mail. Sorry, but I didn't get it immediately.
>
> Claudio> So, what if I do as follows ? Do you see any problem with
> Claudio> this solution ?
>
> You should probably restrict the ability to read a process's usage to
> a suitably privileged user -- i.e., effective uid same as the task's,
> or capable(CAP_SYS_RESOURCE) or maybe capable(CAP_SYS_ADMIN)
So, is CAP_SYS_PTRACE (as done in the patch below) not enough ?
Honestly, I don't see any problem in allowing any user to know usage
information about _his_ processes...
Many thanks,
Claudio
Signed-off-by: Claudio Scordino <cloud.of.andor@xxxxxxxxx>
diff --git a/kernel/sys.c b/kernel/sys.c
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -1746,9 +1746,29 @@ int getrusage(struct task_struct *p, int
asmlinkage long sys_getrusage(int who, struct rusage __user *ru)
{
- if (who != RUSAGE_SELF && who != RUSAGE_CHILDREN)
- return -EINVAL;
- return getrusage(current, who, ru);
+ struct rusage r;
+ struct task_struct* tsk = current;
+ read_lock(&tasklist_lock);
+ if ((who != RUSAGE_SELF) && (who != RUSAGE_CHILDREN)) {
+ tsk = find_task_by_pid(who);
+ if ((tsk == NULL) || (who <=0))
+ goto bad;
+ if (((current->uid != tsk->euid) ||
+ (current->uid != tsk->suid) ||
+ (current->uid != tsk->uid) ||
+ (current->gid != tsk->egid) ||
+ (current->gid != tsk->sgid) ||
+ (current->gid != tsk->gid)) && !capable(CAP_SYS_PTRACE))
+ goto bad;
+ who = RUSAGE_SELF;
+ }
+ k_getrusage(tsk, who, &r);
+ read_unlock(&tasklist_lock);
+ return copy_to_user(ru, &r, sizeof(r)) ? -EFAULT : 0;
+
+ bad:
+ read_unlock(&tasklist_lock);
+ return tsk ? -EPERM : -EINVAL;
}
asmlinkage long sys_umask(int mask)
--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive: http://mail.nl.linux.org/kernelnewbies/
FAQ: http://kernelnewbies.org/faq/
