| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87bnskxn7g.fsf@igel.home> Date: Sun, 20 Jul 2014 13:51:31 +0200 From: Andreas Schwab <schwab@...ux-m68k.org> To: Richard Weinberger <richard.weinberger@...il.com> Cc: Joakim Tjernlund <joakim.tjernlund@...nsmode.se>, LKML <linux-kernel@...r.kernel.org> Subject: Re: ls -l /proc/1/exe -> Permission denied Richard Weinberger <richard.weinberger@...il.com> writes: > On Sun, Jul 20, 2014 at 12:55 PM, Andreas Schwab <schwab@...ux-m68k.org> wrote: >> Joakim Tjernlund <joakim.tjernlund@...nsmode.se> writes: >> >>> Andreas Schwab <schwab@...ux-m68k.org> wrote on 2014/07/19 22:21:59: >>>> >>>> Joakim Tjernlund <joakim.tjernlund@...nsmode.se> writes: >>>> >>>> > Trying to real /proc/<pid>/exe I noticed I could not read links not >>>> > belonging to my user such as: >>>> > jocke > ls -l /proc/1/exe >>>> > ls: cannot read symbolic link /proc/1/exe: Permission >>> denied >>>> > >>>> > Is this expected? >>>> >>>> Yes. This information is considered private. >>> >>> I don't understand why though. >> >> It would allow bypassing access restrictions. > > Do you have an example? proc symlinks are special because they actually resolve to the inode. Andreas. -- Andreas Schwab, schwab@...ux-m68k.org GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5 "And now for something completely different." -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists