Skip to content
Permalink
Browse files
ssh: pass 0 to procctl(2) to operate on self
As of f833ab9 procctl(2) allows idtype P_PID with id = 0 as a
shortcut for the calling process ID.  The shortcut also bypasses the
p_cansee / p_candebug test (since the process is able to act on itself.)

At present if the security.bsd.unprivileged_proc_debug sysctl is 0 then
procctl(P_PID, getpid(), ... for a process to act on itself will fail,
but procctl(P_PID, 0, ... will succeed.  This should likely be addressed
with a kernel change.

In any case the id = 0 shortcut is a tiny optimization for a process to
act on itself and allows the self-procctl to succeed, so use it in ssh.

Reported by:	Shawn Webb
Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D33970

(cherry picked from commit 0746301)
(cherry picked from commit e38610a)
(cherry picked from commit abf5f2e)
  • Loading branch information
emaste committed Feb 15, 2022
1 parent 2d09e43 commit b5b1a69
Showing 1 changed file with 1 addition and 2 deletions.
@@ -30,7 +30,6 @@
#include <priv.h> /* For setpflags() and __PROC_PROTECT */
#endif
#include <stdarg.h>
#include <unistd.h>

#include "log.h"

@@ -41,7 +40,7 @@ platform_disable_tracing(int strict)
/* On FreeBSD, we should make this process untraceable */
int disable_trace = PROC_TRACE_CTL_DISABLE;

if (procctl(P_PID, getpid(), PROC_TRACE_CTL, &disable_trace) && strict)
if (procctl(P_PID, 0, PROC_TRACE_CTL, &disable_trace) && strict)
fatal("unable to make the process untraceable");
#endif
#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)

0 comments on commit b5b1a69

Please sign in to comment.