Mon Oct 28 13:19:50 2019 UTC ()

Disable filemon.

It isn't suited for general use (that is, it poses security risks),
but the existence of the module means it is auto-loaded when /dev/filemon
is opened, which can be done by any user.

Thanks Ilja van Sprundel for the heads up.


(maya)

diff -r1.126 -r1.127 src/distrib/sets/lists/modules/mi
diff -r1.228 -r1.229 src/sys/modules/Makefile

--- src/distrib/sets/lists/modules/mi 2019/09/22 22:59:37	1.126
+++ src/distrib/sets/lists/modules/mi 2019/10/28 13:19:50	1.127

 @@ -1,14 +1,14 @@
-# $NetBSD: mi,v 1.126 2019/09/22 22:59:37 christos Exp $
+# $NetBSD: mi,v 1.127 2019/10/28 13:19:50 maya Exp $
+#
 # Note: don't delete entries from here - mark them as "obsolete" instead.
+#
 # IMPORTANT:	When you add a module here, you have to add it twice to
 #		md.evbppc as well. evbppc does not use mi, because
 #		powerpc-4xx and powerpc-booke modules are incompatible.
 #		Additionally, you may have to add it once more in md.amd64
 #		(for xen) and twice more for i386 (xen and xen-pae).
 #		Sorry for any inconvenience this may cause, the management.
+#
 ./@MODULEDIR@					base-kernel-modules	kmod
 ./@MODULEDIR@/aac				base-obsolete		obsolete
 ./@MODULEDIR@/aac/aac.kmod			base-obsolete		obsolete
 @@ -158,28 +158,28 @@
 ./@MODULEDIR@/efs/efs.kmod			base-kernel-modules	kmod
 ./@MODULEDIR@/exec_script			base-kernel-modules	kmod
 ./@MODULEDIR@/exec_script/exec_script.kmod	base-kernel-modules	kmod
 ./@MODULEDIR@/ext2fs				base-kernel-modules	kmod
 ./@MODULEDIR@/ext2fs/ext2fs.kmod		base-kernel-modules	kmod
 ./@MODULEDIR@/fbt				base-obsolete		obsolete
 ./@MODULEDIR@/fbt/fbt.kmod			base-obsolete		obsolete
 ./@MODULEDIR@/fdesc				base-kernel-modules	kmod
 ./@MODULEDIR@/fdesc/fdesc.kmod			base-kernel-modules	kmod
 ./@MODULEDIR@/ffs				base-kernel-modules	kmod
 ./@MODULEDIR@/ffs/ffs.kmod			base-kernel-modules	kmod
 ./@MODULEDIR@/filecore				base-kernel-modules	kmod
 ./@MODULEDIR@/filecore/filecore.kmod		base-kernel-modules	kmod
-./@MODULEDIR@/filemon				base-kernel-modules	kmod
+./@MODULEDIR@/filemon				base-obsolete		obsolete
-./@MODULEDIR@/filemon/filemon.kmod		base-kernel-modules	kmod
+./@MODULEDIR@/filemon/filemon.kmod		base-obsolete		obsolete
 ./@MODULEDIR@/flash				base-kernel-modules	kmod
 ./@MODULEDIR@/flash/flash.kmod			base-kernel-modules	kmod
 ./@MODULEDIR@/fss				base-kernel-modules	kmod
 ./@MODULEDIR@/fss/fss.kmod			base-kernel-modules	kmod
 ./@MODULEDIR@/gpio				base-kernel-modules	kmod
 ./@MODULEDIR@/gpio/gpio.kmod			base-kernel-modules	kmod
 ./@MODULEDIR@/gpioiic				base-kernel-modules	kmod
 ./@MODULEDIR@/gpioiic/gpioiic.kmod		base-kernel-modules	kmod
 ./@MODULEDIR@/gpioirq				base-kernel-modules	kmod
 ./@MODULEDIR@/gpioirq/gpioirq.kmod		base-kernel-modules	kmod
 ./@MODULEDIR@/gpioow				base-kernel-modules	kmod
 ./@MODULEDIR@/gpioow/gpioow.kmod		base-kernel-modules	kmod
 ./@MODULEDIR@/gpiopps				base-kernel-modules	kmod

--- src/sys/modules/Makefile 2019/10/28 02:56:40	1.228
+++ src/sys/modules/Makefile 2019/10/28 13:19:50	1.229

 @@ -1,14 +1,14 @@
-#	$NetBSD: Makefile,v 1.228 2019/10/28 02:56:40 ozaki-r Exp $
+#	$NetBSD: Makefile,v 1.229 2019/10/28 13:19:50 maya Exp $
 .include <bsd.own.mk>
 # For all platforms
 # Modules for compatability with earlier versions of NetBSD
 SUBDIR+=	compat_util
 SUBDIR+=	compat_43   compat_sysctl_09_43
 SUBDIR+=	compat_09   compat_10   compat_12   compat_13   compat_14
 SUBDIR+=	compat_16   compat_20   compat_30   compat_40   compat_50
 SUBDIR+=	compat_60   compat_70   compat_80   compat_90
 @@ -44,27 +44,27 @@ SUBDIR+=	crypto
 SUBDIR+=	coda
 SUBDIR+=	coda5
 SUBDIR+=	coredump
 SUBDIR+=	dbcool
 SUBDIR+=	des
 SUBDIR+=	dk_subr
 SUBDIR+=	drvctl
 SUBDIR+=	efs
 SUBDIR+=	ext2fs
 SUBDIR+=	exec_script
 SUBDIR+=	fdesc
 SUBDIR+=	ffs
 SUBDIR+=	filecore
-SUBDIR+=	filemon
+#SUBDIR+=	filemon
 SUBDIR+=	flash
 SUBDIR+=	fss
 SUBDIR+=	gpio
 SUBDIR+=	gpioiic
 SUBDIR+=	gpioow
 SUBDIR+=	gpiosim
 SUBDIR+=	gpioirq
 SUBDIR+=	gpiopps
 SUBDIR+=	hfs
 SUBDIR+=	hythygtemp
 SUBDIR+=	si70xxtemp
 SUBDIR+=	am2315temp
 SUBDIR+=	i2cexec