| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 20 Jul 2014 22:00:02 +0200 From: Richard Weinberger <richard@....at> To: Joakim Tjernlund <joakim.tjernlund@...nsmode.se> CC: LKML <linux-kernel@...r.kernel.org>, Andreas Schwab <schwab@...ux-m68k.org> Subject: Re: ls -l /proc/1/exe -> Permission denied Am 20.07.2014 21:15, schrieb Joakim Tjernlund: > Richard Weinberger <richard@....at> wrote on 2014/07/20 14:05:41: >> >> Am 20.07.2014 13:51, schrieb Andreas Schwab: >>> Richard Weinberger <richard.weinberger@...il.com> writes: >>>> Do you have an example? >>> >>> proc symlinks are special because they actually resolve to the inode. >> >> Ah. If an attacker manages the kernel to follow the symlink he could >> indirectly access that file. >> Thanks for pointing this out! > > That is a big if, I read this as you don't trust the kernels impl. > of proc sym links so paper over this with denying all other to read > trivial > data such as the exe sym link. Feel free to propose a solution for that. :-) Thanks, //richard -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists