From bc518e39bf7e64dd0edf5ca7b82b4d089ade532a Mon Sep 17 00:00:00 2001
From: Andreas Kling
Date: Sun, 19 Dec 2021 16:48:02 +0100
Subject: [PATCH] Kernel: Make perfcore files owned by UID=0, GID=0
Since perfcore files can be generated during process finalization, we can't just allow them to contain sensitive kernel information if they're gonna be owned by the process's own UID+GID. So instead, perfcores are now owned by 0:0. This is not the most ergonomic solution, but I'm not sure what we could do to make it nicer. We'll have to think more about that. In the meantime, this patches up a kernel info leak. :^)
---
 Kernel/Process.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Kernel/Process.cpp b/Kernel/Process.cpp
index 87af43fff2..99155ff8cd 100644
--- a/Kernel/Process.cpp
+++ b/Kernel/Process.cpp
@@ -562,7 +562,7 @@ bool Process::dump_perfcore()
 auto perfcore_filename = String::formatted("{}.profile", base_filename);
 RefPtr description;
 for (size_t attempt = 1; attempt <= 10; ++attempt) {
- auto description_or_error = VirtualFileSystem::the().open(perfcore_filename, O_CREAT | O_EXCL, 0400, current_directory(), UidAndGid { uid(), gid() });
+ auto description_or_error = VirtualFileSystem::the().open(perfcore_filename, O_CREAT | O_EXCL, 0400, current_directory(), UidAndGid { 0, 0 });
 if (!description_or_error.is_error()) {
 description = description_or_error.release_value();
 break;
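Review bot: The literal `UidAndGid { 0, 0 }` in the `open()` call inside the retry loop now carries a security decision that is explained only in the commit message, so a later cleanup could plausibly restore `uid(), gid()` and reopen the leak. I would add a comment directly above the call, e.g. `// Perfcores can contain sensitive kernel data and may be written during finalization, so they are owned by root (0:0), not by the profiled process.` The file is still created in `current_directory()`, which the profiled process chooses, so it is worth confirming that the `O_CREAT | O_EXCL` path in `VirtualFileSystem::open` refuses a pre-existing entry (including a symlink) rather than following it; that code is not visible here. `dump_perfcore()` begins and ends outside this hunk.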