NetBSD Problem Report #50644

From paul@pokey.whooppee.com  Mon Jan 11 02:13:09 2016
Return-Path: <paul@pokey.whooppee.com>
Received: from mail.netbsd.org (mail.NetBSD.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id AA6077ABDD
	for <gnats-bugs@gnats.NetBSD.org>; Mon, 11 Jan 2016 02:13:09 +0000 (UTC)
Message-Id: <20160111021307.4103016E92@pokey.whooppee.com>
Date: Mon, 11 Jan 2016 10:13:07 +0800 (PHT)
From: paul@whooppee.com
Reply-To: paul@whooppee.com
To: gnats-bugs@NetBSD.org
Subject: filemon(4) doesn't detect pid re-use
X-Send-Pr-Version: 3.95

>Number:         50644
>Category:       kern
>Synopsis:       filemon(4) doesn't detect pid re-use
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Jan 11 02:15:00 +0000 2016
>Closed-Date:    Wed Dec 18 07:55:50 +0000 2019
>Last-Modified:  Wed Dec 18 07:55:50 +0000 2019
>Originator:     Paul Goyette
>Release:        NetBSD 7.99.25
>Organization:
+------------------+--------------------------+------------------------+
| Paul Goyette     | PGP Key fingerprint:     | E-mail addresses:      |
| (Retired)        | FA29 0E3B 35AF E8AE 6651 | paul at whooppee.com   |
| Kernel Developer | 0786 F758 55DE 53BA 7731 | pgoyette at netbsd.org |
+------------------+--------------------------+------------------------+
>Environment:


System: NetBSD pokey.whooppee.com 7.99.25 NetBSD 7.99.25 (POKEY 2015-12-23 05:05:48) #9: Wed Dec 23 15:10:44 PHT 2015 paul@pokey.whooppee.com:/build/netbsd-local/obj/amd64/sys/arch/amd64/compile/POKEY amd64
Architecture: x86_64
Machine: amd64
>Description:
	filemon(4) does not detect that a monitored process's pid
	can be re-used by a new, unrelated process.  As a result,
	filemon will monitor the events of the (new) process and
	all of its descendants without making any authentication
	checks.

>How-To-Repeat:
	Start filemon(4) for a given target.  Let that process
	exit (or terminate it via a signal).  Create significant
	process churn (creation/exit) until the original process's
	pid gets reused.

>Fix:
	Unknown.  filemon(4) needs to be totally reworked.


>Release-Note:

>Audit-Trail:

State-Changed-From-To: open->closed
State-Changed-By: maxv@NetBSD.org
State-Changed-When: Wed, 18 Dec 2019 07:55:50 +0000
State-Changed-Why:
Filemon was removed.


>Unformatted:
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.45 2018/12/21 14:23:33 maya Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2017 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.