diff options
| -rw-r--r-- | usr.bin/w/w.c | 7 | ||||
| -rw-r--r-- | usr.sbin/slstat/slstat.c | 9 |
2 files changed, 15 insertions, 1 deletions
diff --git a/usr.bin/w/w.c b/usr.bin/w/w.c index b75f7f48de33..924ba11fe253 100644 --- a/usr.bin/w/w.c +++ b/usr.bin/w/w.c @@ -179,6 +179,13 @@ main(argc, argv) _res.retrans = 2; /* resolver timeout to 2 seconds per try */ _res.retry = 1; /* only try once.. */ + /* + * Discard setgid privileges if not the running kernel so that bad + * guys can't print interesting stuff from kernel memory. + */ + if (nlistf != NULL || memf != NULL) + setgid(getgid()); + if ((kd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, errbuf)) == NULL) errx(1, "%s", errbuf); diff --git a/usr.sbin/slstat/slstat.c b/usr.sbin/slstat/slstat.c index 402c24840d17..eb7d3b7a99f8 100644 --- a/usr.sbin/slstat/slstat.c +++ b/usr.sbin/slstat/slstat.c @@ -22,7 +22,7 @@ */ #ifndef lint -static char rcsid[] = "$Id: slstat.c,v 1.3 1994/11/19 13:57:21 jkh Exp $"; +static char rcsid[] = "$Id: slstat.c,v 1.4 1995/05/30 03:52:30 rgrimes Exp $"; #endif #include <stdio.h> @@ -132,6 +132,13 @@ main(argc, argv) kflag++; } } + /* + * Discard setgid privileges if not the running kernel so that bad + * guys can't print interesting stuff from kernel memory. + */ + if (system != NULL || kmemf != NULL) + setgid(getgid()); + kvm_h = kvm_openfiles(system, kmemf, NULL, O_RDONLY, errbuf); if (kvm_h == 0) { (void)fprintf(stderr, |