| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20091029203646.GC30747@elf.ucw.cz> Date: Thu, 29 Oct 2009 21:36:46 +0100 From: Pavel Machek <pavel@....cz> To: mrex@....com Cc: marco@....nl, bugtraq@...urityfocus.com Subject: Re: /proc filesystem allows bypassing directory permissions on Hi! > There are two conceivable approaches to implementing the open() for > a filedescriptor shown in /proc. Either go throuh the inode and > check the access permissions on the file at the current time > (which is a sensible implementation and what the kernel seems > to be currently doing), or implement it as a dup() and transfer > of the filedescriptor. (Tranfering open filedescriptors between > processes can also be done by IPC). Implemetenting it via dup() > would probably keep the original filedescriptor attributes > (such as read-only) but would require an entirely seperate > approach to access control (who is allowed to dup() that filedescriptor), > and it would create problems: like you would not be able to look > into files that were opened only for write through /proc, which > would seriously impair the usefulness of the fd-listing in /proc. Doing it as dup() is indeed the way to go. /proc/*/fd/ already needs same uid, so... Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
Powered by blists - more mailing lists