| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 10 Jan 2013 18:32:33 +0100 From: "Larrosa, Antonio" <antlarr@...ial.com> To: <linux-kernel@...r.kernel.org> Subject: seteuid and /proc/<pid>/exe Hello, I have a user with uid=1000 that runs a process, let's say with pid 42. If I do a readlink on /proc/42/exe from another process run by that same user, it reads the link correctly. If root calls readlink on that same link, it works correctly. The problem is that I have another process that is run by root, and then calls seteuid(1000). When it tries to read that link, it fails with "permission denied". I could just seteuid(0), read the link and seteuid(1000) again (I checked it and it works) but I wonder if that's really the expected behaviour. If any of the effective, real and saved uid of the process have permissions to read the link, is it expected that only because they're different, then the permission is denied? Thanks, -- Antonio Larrosa -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists