Le 18/01/2018 à 11:03, Tom Ivar Helbekkmo a écrit :
Maxime Villard <[email protected]> writes:
So, making /dev/ksyms 440 root:kmem should not break anything.
If it does, then there's a bug in the offending tool in the first place.
Agreed. systat is one of them. It takes care to call kvm_openfiles()
while setgid kmem, but kvm_openfiles() doesn't open /dev/ksyms,
expecting that the other kvm functions can do that at need. So when
e.g. 'systat vmstat' calls kvm_nlist() after privileges have been
dropped, it fails:
systat: nlist: can't find following symbols:
_intrnames
_eintrnames
_intrcnt
_eintrcnt
_allevents
Well, looking at the code, it seems to me that _kvm_open() should be changed
to keep /dev/ksyms open, the same way it keeps /dev/kmem open.
