Page MenuHomeFreeBSD

netstat: strip the binary of sgid
AcceptedPublic

Authored by kevans on Oct 21 2024, 4:22 AM.
Tags
None
Referenced Files
F103539344: D47210.diff
Tue, Nov 26, 6:35 AM
Unknown Object (File)
Sun, Nov 24, 1:21 PM
Unknown Object (File)
Mon, Nov 18, 9:41 PM
Unknown Object (File)
Sat, Nov 16, 12:55 AM
Unknown Object (File)
Thu, Nov 7, 8:54 AM
Unknown Object (File)
Mon, Oct 28, 7:42 PM
Unknown Object (File)
Mon, Oct 28, 4:22 AM
Unknown Object (File)
Oct 26 2024, 9:07 PM
Subscribers

Details

Reviewers
glebius
markj
Group Reviewers
network
Summary

Everything in the live path seems to use sysctls these days, with kvm
only being used for pulling information from core dumps. Strip the
binary of /dev/{k,}mem access to reduce the surface area with access
to kmem.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped
Build Status
Buildable 60143
Build 57027: arc lint + arc unit

Event Timeline

There are some calls setgid(getgid()) in netstat which aim to drop privileges. I guess those should be removed too?

Drop setgid(2) calls meant to drop privileges, now that we don't have privs

There are some calls setgid(getgid()) in netstat which aim to drop privileges. I guess those should be removed too?

I also found one other call to kresolve_list() that I thought could go away, but it turns out that we actually still need /dev/mem for netstat -rs. Shelving this for the time being, but reimplementing rt_stats() for the live case doesn't seem like it'd be too difficult.

This revision is now accepted and ready to land.Oct 22 2024, 5:06 PM

I intend to commit this on the 21st if nobody objects -- the one month anniversary to netstat(1) switching to sysctl for routing stats.