From f94dc3beb82053bec09b34a7a77cefe25cf1aadf Mon Sep 17 00:00:00 2001
From: Jeremy Soller <jeremy@system76.com>
Date: Tue, 10 Aug 2021 16:33:49 -0600
Subject: [PATCH] Allow current process to access its own proc data
---
src/scheme/proc.rs | 31 +++++++++++++++++--------------
1 file changed, 17 insertions(+), 14 deletions(-)
diff --git a/src/scheme/proc.rs b/src/scheme/proc.rs
index d76a1bb9..34454513 100644
--- a/src/scheme/proc.rs
+++ b/src/scheme/proc.rs
@@ -277,21 +277,24 @@ impl Scheme for ProcScheme {
let current = contexts.current().ok_or(Error::new(ESRCH))?;
let current = current.read();
- // Do we own the process?
- if uid != target.euid && gid != target.egid {
- return Err(Error::new(EPERM));
- }
+ // Are we the process?
+ if target.id != current.id {
+ // Do we own the process?
+ if uid != target.euid && gid != target.egid {
+ return Err(Error::new(EPERM));
+ }
- // Is it a subprocess of us? In the future, a capability could
- // bypass this check.
- match contexts.ancestors(target.ppid).find(|&(id, _context)| id == current.id) {
- Some((id, context)) => {
- // Paranoid sanity check, as ptrace security holes
- // wouldn't be fun
- assert_eq!(id, current.id);
- assert_eq!(id, context.read().id);
- },
- None => return Err(Error::new(EPERM)),
+ // Is it a subprocess of us? In the future, a capability could
+ // bypass this check.
+ match contexts.ancestors(target.ppid).find(|&(id, _context)| id == current.id) {
+ Some((id, context)) => {
+ // Paranoid sanity check, as ptrace security holes
+ // wouldn't be fun
+ assert_eq!(id, current.id);
+ assert_eq!(id, context.read().id);
+ },
+ None => return Err(Error::new(EPERM)),
+ }
}
}
};
--
GitLab