| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 28 Nov 2007 04:42:22 -0700 From: ebiederm@...ssion.com (Eric W. Biederman) To: Ingo Molnar <mingo@...e.hu> Cc: Albert Cahalan <acahalan@...il.com>, Guillaume Chazarain <guichaz@...oo.fr>, akpm@...ux-foundation.org, mm-commits@...r.kernel.org, oleg@...sign.ru, rjw@...k.pl, roland@...hat.com, xemul@...nvz.org, linux-kernel <linux-kernel@...r.kernel.org>, Ulrich Drepper <drepper@...hat.com> Subject: Re: + proc-fix-the-threaded-proc-self.patch added to -mm tree ebiederm@...ssion.com (Eric W. Biederman) writes: > I am not certain the two components make sense as we have a possible > permission problem where it is remotely possible that a task will > have permission to access /proc/<tid> but not /proc/<tgid>. Got it. I can totally avoid in permission issues by having a follow_link method that just goes to the target directory without checking permissions as we go. So in the worst case with weird selinux permission rules you might be able to access /proc/task but not /proc/self or /proc/task/.. At least for what I care about, weird cases with unshare where the mounts and the other namespaces may be different between threads in someones home rolled thread package that uses CLONE_THREAD we should be ok. Eric - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists