On Sun, Dec 04, 2011 at 10:58:10PM +0200, Mikolaj Golub wrote:
>  RNMW> Agreed. In general, my view is that p_cansee() should be used for very
>  RNMW> few of our process inspection APIs. I like your example of ASLR
>  RNMW> especially, as it illustrates how debugging information can aid even
>  RNMW> local attacks (i.e., user vs. setuid binary).

> What do you think about the recently added kern.proc.ps_strings, which
> returns the location of the ps_strings structure? It uses p_cansee() too. The
> location is the same for all processes of the same ABI, so this does
> not look like sensitive information; on the other hand, it also seems
> to be used by debuggers only.

With stack ASLR, the address will not be the same for every process of
the same ABI and will be sensitive information. Therefore I think this
should be locked down too.

-- 
Jilles Tjoelker
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[email protected]"