From 3c9bd911b8b90e8034c9b61633a6985e752eb417 Mon Sep 17 00:00:00 2001
From: Andreas Kling
Date: Fri, 25 Dec 2020 17:56:02 +0100
Subject: [PATCH] Kernel: Make /proc/PID directories owned by the EUID:EGID

This is instead of the UID:GID, since that was allowing some very bad information leaks like spawning "su" as an unprivileged user and having full /proc access to it. Work towards #4504.
---
 Kernel/FileSystem/ProcFS.cpp | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/Kernel/FileSystem/ProcFS.cpp b/Kernel/FileSystem/ProcFS.cpp
index 2a261a1e1d..a7cd9cd241 100644
--- a/Kernel/FileSystem/ProcFS.cpp
+++ b/Kernel/FileSystem/ProcFS.cpp
@@ -1138,8 +1138,8 @@ InodeMetadata ProcFSInode::metadata() const
 ProcessID pid = to_pid(identifier());
 auto process = Process::from_pid(pid);
 if (process) {
- metadata.uid = process->sys$getuid();
- metadata.gid = process->sys$getgid();
+ metadata.uid = process->euid();
+ metadata.gid = process->egid();
 } else {
 // TODO: How to handle this?
 metadata.uid = 0;
@@ -1149,8 +1149,8 @@ InodeMetadata ProcFSInode::metadata() const
 ThreadID tid = to_tid(identifier());
 auto thread = Thread::from_tid(tid);
 if (thread) {
- metadata.uid = thread->process().sys$getuid();
- metadata.gid = thread->process().sys$getgid();
+ metadata.uid = thread->process().euid();
+ metadata.gid = thread->process().egid();
 } else {
 // TODO: How to handle this?
 metadata.uid = 0;
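Review bot: Ownership by `process->euid()`/`process->egid()` still exposes a process whose effective ID is lower than its real ID: a root-started process that temporarily lowers its EUID would have its /proc/PID directory owned by that unprivileged user while it presumably can still regain root. Consider falling back to 0:0 whenever the credentials are mixed, e.g. `bool mixed = process->sys$getuid() != process->euid() || process->sys$getgid() != process->egid();` followed by `metadata.uid = mixed ? 0 : process->euid();` and the same for the gid. The same applies to the `thread->process()` branch in the hunk at line 1149. The enclosing `ProcFSInode::metadata()` starts and ends outside both hunks, so any further access checks it applies are not visible here.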
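Review bot: The thread branch repeats the ownership policy of the PID branch line for line, so a later tightening of that policy can be applied to one branch and missed in the other. A small file-local helper that takes the `Process&` and fills `metadata.uid` and `metadata.gid` would keep the decision in one place. The `// TODO: How to handle this?` fallback could also be documented as deliberate, e.g. `// Thread is gone: report root ownership so nothing is exposed to an unprivileged user.` The enclosing function continues outside the hunk, so the matching `metadata.gid` assignment of the fallback is not visible.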