shithub: riscv

Info  •  Files  •  Log  •  Branches

devproc: fix noteid permission checks for none

make sure noteid is valid (>0).

prohibit changing note group of kernel processes. this is also
checked for in pgrpnote().

prevent "none" user from changing its note group to another "none"
sessions. this would allow him to send notes other none processes
other than its own.

--- a/sys/src/9/port/devproc.c

+++ b/sys/src/9/port/devproc.c

@@ -1136,7 +1136,11 @@

 			error("note not posted");

 		break;

 	case Qnoteid:

+		if(p->kp)

+			error(Eperm);

 		id = atoi(a);

+		if(id <= 0)

+			error(Ebadarg);

 		if(id == p->pid) {

 			p->noteid = id;

 			break;

@@ -1143,9 +1147,10 @@

 		}

 		t = proctab(0);

 		for(et = t+conf.nproc; t < et; t++) {

-			if(t->state == Dead)

+			if(t->state == Dead || t->kp)

 				continue;

 			if(id == t->noteid) {

+				nonone(t);

 				if(strcmp(p->user, t->user) != 0)

 					error(Eperm);

 				p->noteid = id;