diff options
| -rw-r--r-- | sys/fs/procfs/procfs_ctl.c | 7 | ||||
| -rw-r--r-- | sys/kern/sys_process.c | 7 | ||||
| -rw-r--r-- | sys/miscfs/procfs/procfs_ctl.c | 7 |
3 files changed, 18 insertions, 3 deletions
diff --git a/sys/fs/procfs/procfs_ctl.c b/sys/fs/procfs/procfs_ctl.c index 4370e0c9a9bc..9f47539f098e 100644 --- a/sys/fs/procfs/procfs_ctl.c +++ b/sys/fs/procfs/procfs_ctl.c @@ -37,7 +37,7 @@ * @(#)procfs_ctl.c 8.4 (Berkeley) 6/15/94 * * From: - * $Id: procfs_ctl.c,v 1.13 1997/02/22 09:40:27 peter Exp $ + * $Id: procfs_ctl.c,v 1.14 1997/03/24 11:24:40 bde Exp $ */ #include <sys/param.h> @@ -52,6 +52,7 @@ #include <sys/signal.h> #include <sys/signalvar.h> #include <sys/ptrace.h> +#include <sys/systm.h> #include <miscfs/procfs/procfs.h> #include <vm/vm.h> @@ -130,6 +131,10 @@ procfs_control(curp, p, op) if (p->p_pid == curp->p_pid) return (EINVAL); + /* can't trace init when securelevel > 0 */ + if (securelevel > 0 && p->p_pid == 1) + return (EPERM); + /* * Go ahead and set the trace flag. * Save the old parent (it's reset in diff --git a/sys/kern/sys_process.c b/sys/kern/sys_process.c index 7a538b672e1f..02aa392428c1 100644 --- a/sys/kern/sys_process.c +++ b/sys/kern/sys_process.c @@ -28,7 +28,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id$ + * $Id: sys_process.c,v 1.27 1997/02/22 09:39:20 peter Exp $ */ #include <sys/param.h> @@ -39,6 +39,7 @@ #include <sys/ptrace.h> #include <sys/errno.h> #include <sys/queue.h> +#include <sys/systm.h> #include <machine/reg.h> #include <machine/psl.h> @@ -250,6 +251,10 @@ ptrace(curp, uap, retval) return error; } + /* can't trace init when securelevel > 0 */ + if (securelevel > 0 && p->p_pid == 1) + return EPERM; + /* OK */ break; diff --git a/sys/miscfs/procfs/procfs_ctl.c b/sys/miscfs/procfs/procfs_ctl.c index 4370e0c9a9bc..9f47539f098e 100644 --- a/sys/miscfs/procfs/procfs_ctl.c +++ b/sys/miscfs/procfs/procfs_ctl.c @@ -37,7 +37,7 @@ * @(#)procfs_ctl.c 8.4 (Berkeley) 6/15/94 * * From: - * $Id: procfs_ctl.c,v 1.13 1997/02/22 09:40:27 peter Exp $ + * $Id: procfs_ctl.c,v 1.14 1997/03/24 11:24:40 bde Exp $ */ #include <sys/param.h> @@ -52,6 +52,7 @@ #include <sys/signal.h> #include <sys/signalvar.h> #include <sys/ptrace.h> +#include <sys/systm.h> #include <miscfs/procfs/procfs.h> #include <vm/vm.h> @@ -130,6 +131,10 @@ procfs_control(curp, p, op) if (p->p_pid == curp->p_pid) return (EINVAL); + /* can't trace init when securelevel > 0 */ + if (securelevel > 0 && p->p_pid == 1) + return (EPERM); + /* * Go ahead and set the trace flag. * Save the old parent (it's reset in |