| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 20 Mar 2012 00:02:44 +0100 From: richard -rw- weinberger <richard.weinberger@...il.com> To: Andrew Morton <akpm@...ux-foundation.org> Cc: Cyrill Gorcunov <gorcunov@...nvz.org>, LKML <linux-kernel@...r.kernel.org>, Oleg Nesterov <oleg@...hat.com>, KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>, Pavel Emelyanov <xemul@...allels.com>, Kees Cook <keescook@...omium.org>, Tejun Heo <tj@...nel.org>, Matt Helsley <matthltc@...ibm.com> Subject: Re: [patch 1/2] c/r: prctl: Add ability to set new mm_struct::exe_file On Mon, Mar 19, 2012 at 11:46 PM, Andrew Morton <akpm@...ux-foundation.org> wrote: > Well, let's discuss this more completely. In what ways could an > attacker use this? How serious is the problem? What actions can be > taken to lessen it? etcetera. After considering the problem a bit more I think it's not a big problem. We must not trust /proc/pid/exe in anyway. An attacker can always execute another binary without calling execve(). So, why makes that one-short fashion the feature more secure? Let the user change the exe symlink as often as he wants. >From a security point of view the exe symlink is anyway useless. -- Thanks, //richard -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists