diff options
author | Christian Göttsche <cgzones@googlemail.com> | 2021-06-09 11:13:39 +0200 |
---|---|---|
committer | BenBE <BenBE@geshi.org> | 2021-06-09 22:52:18 +0200 |
commit | 9114cf6ea3771c55cdaaa3af8583feaf0514d956 (patch) | |
tree | aa4cab368f9f3489f336ca1d921221c370c69b7d /linux/LinuxProcessList.c | |
parent | faabbaa71ec09c0dc8a013f412b38726eec4e899 (diff) |
Linux: update process uid on change
Always check if the user of a process changed, e.g. by using setuid(2).
Diffstat (limited to 'linux/LinuxProcessList.c')
-rw-r--r-- | linux/LinuxProcessList.c | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/linux/LinuxProcessList.c b/linux/LinuxProcessList.c index fdde57c3..168c7eb7 100644 --- a/linux/LinuxProcessList.c +++ b/linux/LinuxProcessList.c @@ -380,7 +380,7 @@ static bool LinuxProcessList_readStatFile(Process* process, openat_arg_t procFd, } -static bool LinuxProcessList_statProcessDir(Process* process, openat_arg_t procFd) { +static bool LinuxProcessList_updateUser(ProcessList* processList, Process* process, openat_arg_t procFd) { struct stat sstat; #ifdef HAVE_OPENAT int statok = fstat(procFd, &sstat); @@ -389,7 +389,12 @@ static bool LinuxProcessList_statProcessDir(Process* process, openat_arg_t procF #endif if (statok == -1) return false; - process->st_uid = sstat.st_uid; + + if (process->st_uid != sstat.st_uid) { + process->st_uid = sstat.st_uid; + process->user = UsersTable_getRef(processList->usersTable, sstat.st_uid); + } + return true; } @@ -1402,12 +1407,10 @@ static bool LinuxProcessList_recurseProcTree(LinuxProcessList* this, openat_arg_ proc->percent_cpu = CLAMP(percent_cpu, 0.0F, cpus * 100.0F); proc->percent_mem = proc->m_resident / (double)(pl->totalMem) * 100.0; - if (!preExisting) { - - if (! LinuxProcessList_statProcessDir(proc, procFd)) - goto errorReadingProcess; + if (! LinuxProcessList_updateUser(pl, proc, procFd)) + goto errorReadingProcess; - proc->user = UsersTable_getRef(pl->usersTable, proc->st_uid); + if (!preExisting) { #ifdef HAVE_OPENVZ if (settings->flags & PROCESS_FLAG_LINUX_OPENVZ) { |