0x01 About
0x02 Practical
0x03 Conclusion
0x04 Install
0x05 End
0x06 Greetz
0x01 About:
Autor: Rafael Lesniak / 05012003 Hannover / cache (at) irc (dot) pl [email concealed]
Sorry for My English
All: files are on:
http://www.sowatech.com.pl/cache/soft/proc-patch.tar.gz
This is a little information leak. This bug(?) is not dangerous, but
normal user can see all process on the box using ex. /bin/ps;
Affected Systems:
FreeBSD :possible all
OpenBSD :don't known
Linux :don't known
Other :don't known
0x02 Practical:
(I don't use /proc.)
Last login: Sun Jan 5 00:13:01 on ttyv0
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 4.7-RELEASE (SILENT) #1: Sun Jan 5 00:10:51 GMT 2003
Hi,
0x01 About
0x02 Practical
0x03 Conclusion
0x04 Install
0x05 End
0x06 Greetz
0x01 About:
Autor: Rafael Lesniak / 05012003 Hannover / cache (at) irc (dot) pl [email concealed]
Sorry for My English
All: files are on:
http://www.sowatech.com.pl/cache/soft/proc-patch.tar.gz
This is a little information leak. This bug(?) is not dangerous, but
normal user can see all process on the box using ex. /bin/ps;
Affected Systems:
FreeBSD :possible all
OpenBSD :don't known
Linux :don't known
Other :don't known
0x02 Practical:
(I don't use /proc.)
Last login: Sun Jan 5 00:13:01 on ttyv0
Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 4.7-RELEASE (SILENT) #1: Sun Jan 5 00:10:51 GMT 2003
Welcome to FreeBSD!
[cache@silent][ttyv1] ~> grep "FreeBSD:" /usr/src/sys/i386/conf/LINT
# $FreeBSD: src/sys/i386/conf/LINT,v 1.749.2.124 2002/10/05 18:31:47 scottl
Exp
[cache@silent][ttyv1] ~> sysctl -a | grep show
kern.ps_showallprocs: 0
[cache@silent][ttyv1] ~> ps -auxwwwp 101
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 101 0,0 0,2 1020 740 ?? Is 0:12 0:00,01 /usr/sbin/cron
ps [-aCcefhjlmrSTuvwx] [-M core] [-N system] [-O fmt] [-o fmt] [-p pid]
[-t tty] [-U username]
-p Display information associated with the specified process ID.
--- cut ---
0x03 Conclusion:
I hope it is good idea to protect all process information
(any way, for what We need kern.ps_showallprocs?)
[cache@silent][ttyv1] ~> cat info.sh
#!/bin/sh
pid=0;
while x=0; do
/bin/ps -auxwwwp $pid | /usr/bin/grep $pid;
pid=`expr $pid + 1`;
done
--- cut ---
See out.log how it works.
0x04 Install:
$ mkdir /tmp/patch
$ cp proc-patch.tar.gz /tmp/patch
$ cd /tmp/patch
$ tar -zxvf proc-patch.tar.gz
$ su
# patch -p0 < proc.patch
--- cut ---
...
--------------------------
|*** /usr/src/sys/kern/kern_proc.c Tue May 1 13:39:06 2001
|--- /usr/src/sys/kern/kern_proc.c Sun Jan 5 00:18:40 2003
--------------------------
Patching file /usr/src/sys/kern/kern_proc.c using Plan A...
Hunk #1 succeeded at 453.
done
--- cut ---
configure Your kernel, compile, install and thats all.
0x05 End:
I have make this little patch for My FreeBSD box, and this method
doesn't work. May be it is possible to do, but this is not My
skill level );] ...
0x06 Greetz:
kador, Lam3rz, layon, ultor, neutrinka, !pl-bsd, and
all lamerz ...
## Rafal (cache) Lesniak #######
CoSysOp cache /at/ sowatech.com.pl
### http://www.sowatech.com.pl ###
[ reply ]