lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Apr 2008 22:34:34 +0400 From: Alexey Dobriyan <adobriyan@...il.com> To: Alan Cox <alan@...rguk.ukuu.org.uk> Cc: Jan Kara <jack@...e.cz>, Lennart Sorensen <lsorense@...lub.uwaterloo.ca>, Bodo Eggert <7eggert@....de>, Diego Calleja <diegocg@...il.com>, Jiri Kosina <jkosina@...e.cz>, Michal Hocko <mhocko@...e.cz>, Meelis Roos <mroos@...ux.ee>, Linux Kernel list <linux-kernel@...r.kernel.org>, linux-fsdevel@...r.kernel.org Subject: Re: file offset corruption on 32-bit machines? On Mon, Apr 14, 2008 at 05:54:52PM +0100, Alan Cox wrote: > > Well, but imagine you have a file /proc/my_secret_file from which you > > are able to read from position A:a and B:b but not from position > > A:b. Concievably, checks for the file position could be bypassed because of > > this race... I know this is kind of dumb example but I can imagine someone > > Unlikely as the ppos passed to the driver is a private copy and the user > could equally use pread/pwrite to specify that offset. pread is banned on proc files implemented via seq_files. And in no-seq_file case, there are MAX_NON_LFS checks which fits into 32 bits. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists