RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 19:57:35 +00:00
Code Issues Activity Actions

ProcFS: Don't expose kernel-only regions to users via /proc/PID/vm

Browse source 
The superuser is still allowed to see them, but kernel-only VM regions
are now excluded from /proc/PID/vm.
This commit is contained in:
Andreas Kling 2020-01-10 07:02:17 +01:00
parent 62c45850e1
commit 59bfbed2e2
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Kernel/FileSystem/ProcFS.cpp
View file

@ -260,6 +260,8 @@ Optional<KBuffer> procfs$pid_vm(InodeIdentifier identifier)
KBufferBuilder builder; KBufferBuilder builder;
JsonArraySerializer array { builder }; JsonArraySerializer array { builder };
for (auto& region : process.regions()) { for (auto& region : process.regions()) {
if (!region.is_user_accessible() && !current->process().is_superuser())
continue;
auto region_object = array.add_object(); auto region_object = array.add_object();
region_object.add("readable", region.is_readable()); region_object.add("readable", region.is_readable());
region_object.add("writable", region.is_writable()); region_object.add("writable", region.is_writable());