| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 02 Nov 2010 07:10:50 -0400 From: Avi Kivity <avi@...hat.com> To: Christopher Yeoh <cyeoh@....ibm.com> CC: Bryan Donlan <bdonlan@...il.com>, linux-kernel@...r.kernel.org, Linux Memory Management List <linux-mm@...ck.org>, Ingo Molnar <mingo@...e.hu> Subject: Re: [RFC][PATCH] Cross Memory Attach On 11/01/2010 11:37 PM, Christopher Yeoh wrote: > > > > You could have each process open /proc/self/mem and pass the fd using > > SCM_RIGHTS. > > > > That eliminates a race; with copy_to_process(), by the time the pid > > is looked up it might designate a different process. > > Just to revive an old thread (I've been on holidays), but this doesn't > work either. the ptrace check is done by mem_read (eg on each read) so > even if you do pass the fd using SCM_RIGHTS, reads on the fd still > fail. > > So unless there's good reason to believe that the ptrace permission > check is no longer needed, the /proc/pid/mem interface doesn't seem to > be an option for what we want to do. > Perhaps move the check to open(). I can understand the desire to avoid letting random processes peek each other's memory, but once a process has opened its own /proc/self/mem and explicitly passed it to another, we should allow it. -- I have a truly marvellous patch that fixes the bug which this signature is too narrow to contain. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists