Page MenuHomeFreeBSD

filemon exec: Cease tracing if credentials will change with the new image.
ClosedPublic

Authored by bdrewery on May 24 2016, 9:09 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Feb 28, 10:50 AM
Unknown Object (File)
Wed, Feb 28, 9:02 AM
Unknown Object (File)
Jan 24 2024, 2:26 PM
Unknown Object (File)
Jan 7 2024, 11:54 AM
Unknown Object (File)
Jan 7 2024, 11:54 AM
Unknown Object (File)
Jan 7 2024, 11:54 AM
Unknown Object (File)
Jan 7 2024, 11:54 AM
Unknown Object (File)
Jan 7 2024, 11:40 AM
Subscribers

Details

Summary

This also prevents tracing to a P_INEXEC process since it could race
with other processes attaching to it in filemon_event_process_exec() due
to the filemon_get_proc() race of incrementing ref and then locking the
filemon. With the no-P_INEXEC invariant in place the p_filemon may only
be the same or NULL when trying to drop it in
filemon_event_process_exec().

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division

Test Plan

Ran filemon with script(1) with a suid binary and confirmed that no tracing of
the suid binary or its children were traced. Upon returning from the suid
process, the parent process continued to show its own tracing information.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

bdrewery retitled this revision from to filemon exec: Cease tracing if credentials will change with the new image..
bdrewery updated this object.
bdrewery edited the test plan for this revision. (Show Details)
bdrewery added reviewers: kib, mjg.
  • Replace removed credential_changing with more proper credential_setid - only cease tracing if going setid
This revision was automatically updated to reflect the committed changes.