From bbe40ae6328d894b17ff974604b609b5ad0c5747 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?kleines=20Filmr=C3=B6llchen?= <filmroellchen@serenityos.org>
Date: Sun, 24 Jul 2022 18:01:57 +0200
Subject: [PATCH] Kernel: Prevent regular users from accessing other processes'
 threads

---
 Kernel/Syscalls/sched.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Kernel/Syscalls/sched.cpp b/Kernel/Syscalls/sched.cpp
index 57b38d0ce9..a9351bb27b 100644
--- a/Kernel/Syscalls/sched.cpp
+++ b/Kernel/Syscalls/sched.cpp
@@ -29,6 +29,10 @@ ErrorOr<NonnullRefPtr<Thread>> Process::get_thread_from_pid_or_tid(pid_t pid_or_
         if (pid_or_tid != 0)
             peer = Thread::from_tid(pid_or_tid);
 
+        // Only superuser can access other processes' threads.
+        if (!credentials()->is_superuser() && peer && &peer->process() != this)
+            return EPERM;
+
         break;
     }
     case Syscall::SchedulerParametersMode::Process: {