1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
From ca8ae00cbe03924f05903ec432f91c73893472d4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Wed, 9 Jun 2021 11:13:39 +0200
Subject: [PATCH] Linux: update process uid on change
Always check if the user of a process changed, e.g. by using setuid(2).
---
Process.c | 1 +
linux/LinuxProcessList.c | 17 ++++++++++-------
2 files changed, 11 insertions(+), 7 deletions(-)
--- a/linux/LinuxProcessList.c
+++ b/linux/LinuxProcessList.c
@@ -366,7 +366,7 @@
}
-static bool LinuxProcessList_statProcessDir(Process* process, openat_arg_t procFd) {
+static bool LinuxProcessList_updateUser(ProcessList* processList, Process* process, openat_arg_t procFd) {
struct stat sstat;
#ifdef HAVE_OPENAT
int statok = fstat(procFd, &sstat);
@@ -375,7 +375,12 @@
#endif
if (statok == -1)
return false;
- process->st_uid = sstat.st_uid;
+
+ if (process->st_uid != sstat.st_uid) {
+ process->st_uid = sstat.st_uid;
+ process->user = UsersTable_getRef(processList->usersTable, sstat.st_uid);
+ }
+
return true;
}
@@ -1383,12 +1388,10 @@
proc->percent_cpu = CLAMP(percent_cpu, 0.0F, cpus * 100.0F);
proc->percent_mem = proc->m_resident / (double)(pl->totalMem) * 100.0;
- if (!preExisting) {
-
- if (! LinuxProcessList_statProcessDir(proc, procFd))
- goto errorReadingProcess;
+ if (! LinuxProcessList_updateUser(pl, proc, procFd))
+ goto errorReadingProcess;
- proc->user = UsersTable_getRef(pl->usersTable, proc->st_uid);
+ if (!preExisting) {
#ifdef HAVE_OPENVZ
if (settings->flags & PROCESS_FLAG_LINUX_OPENVZ) {
--- a/Process.c
+++ b/Process.c
@@ -436,6 +436,7 @@
this->show = true;
this->updated = false;
this->basenameOffset = -1;
+ this->st_uid = (uid_t)-1;
if (Process_getuid == (uid_t)-1) {
Process_getuid = getuid();
|