lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 2 Mar 2011 21:07:54 -0500 From: Stephen Wilson <wilsons@...rt.ca> To: Andrew Morton <akpm@...ux-foundation.org> Cc: Al Viro <viro@...iv.linux.org.uk>, David Rientjes <rientjes@...gle.com>, KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>, Nick Piggin <npiggin@...nel.dk>, Roland McGrath <roland@...hat.com>, linux-kernel@...r.kernel.org, Stephen Wilson <wilsons@...rt.ca> Subject: [PATCH] Enable writing to /proc/PID/mem. For a long time /proc/PID/mem has provided a read-only interface, at least since 2.4.0. However, a write capability has existed "forever" in tree via the function mem_write, disabled with an #ifdef along with the comment "this is a security hazard". Charles Wright, back in 2006, gave some history on the subject: http://lkml.org/lkml/2006/3/10/224 Later, in commit 638fa202c, Roland McGrath updated mem_write to call check_mem_permission which ensures an identical security policy for /proc/PID/mem as for ptrace(). IOW, the proc interface provides a simpler, more efficient, but otherwise equivalent mechanism for probing a processes memory as available via ptrace. There is no longer a security hazard and the world can safely use read/write instead of ptrace PEEK/POKE's. Remove the #ifdef. Signed-off-by: Stephen Wilson <wilsons@...rt.ca> --- fs/proc/base.c | 5 ----- 1 files changed, 0 insertions(+), 5 deletions(-) diff --git a/fs/proc/base.c b/fs/proc/base.c index 9d096e8..70fc4db 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -829,10 +829,6 @@ out_no_task: return ret; } -#define mem_write NULL - -#ifndef mem_write -/* This is a security hazard */ static ssize_t mem_write(struct file * file, const char __user *buf, size_t count, loff_t *ppos) { @@ -880,7 +876,6 @@ out: out_no_task: return copied; } -#endif loff_t mem_lseek(struct file *file, loff_t offset, int orig) { -- 1.7.3.5 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists