Author: markj
Date: Fri Jul 28 03:14:31 2017
New Revision: 321639
URL: https://svnweb.freebsd.org/changeset/base/321639
Log:
Restrict permissions on /dev/ksyms to 0400.
The ksyms(4) device was added specifically for use by lockstat(1), which
as a DTrace consumer must run as root.
Discussed with: emaste
MFC after: 3 days
Modified:
head/sys/dev/ksyms/ksyms.c
Modified: head/sys/dev/ksyms/ksyms.c
==============================================================================
--- head/sys/dev/ksyms/ksyms.c Fri Jul 28 02:00:03 2017 (r321638)
+++ head/sys/dev/ksyms/ksyms.c Fri Jul 28 03:14:31 2017 (r321639)
@@ -592,7 +592,7 @@ ksyms_modevent(module_t mod __unused, int type, void *
case MOD_LOAD:
mtx_init(&ksyms_mtx, "KSyms mtx", NULL, MTX_DEF);
ksyms_dev = make_dev(&ksyms_cdevsw, 0, UID_ROOT, GID_WHEEL,
- 0444, KSYMS_DNAME);
+ 0400, KSYMS_DNAME);
break;
case MOD_UNLOAD:
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
