| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA+rthh8z5HeV93RSrL6-uHyLP-ZMA8=wqG+xyvVn=7=xP4eFbg@mail.gmail.com> Date: Thu, 28 Apr 2016 21:36:26 +0200 From: Mathias Krause <minipli@...glemail.com> To: Mateusz Guzik <mguzik@...hat.com> Cc: Andrew Morton <akpm@...ux-foundation.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Emese Revfy <re.emese@...il.com>, Pax Team <pageexec@...email.hu>, Al Viro <viro@...iv.linux.org.uk>, Alexey Dobriyan <adobriyan@...il.com>, Cyrill Gorcunov <gorcunov@...nvz.org>, Jarod Wilson <jarod@...hat.com> Subject: Re: [PATCH] proc: prevent accessing /proc/<PID>/environ until it's ready On 28 April 2016 at 21:20, Mateusz Guzik <mguzik@...hat.com> wrote: > In this case get_cmdline in mm/util.c should also be patched for > completness. It tests for arg_end, but later accesses env_end. But it'll do this only when argv[] was modified from what the kernel initially wrote, which, in turn, either requires the process to have started executing and messing with it's own argv[] or another process poking at it via ptrace(). In the former case env_end will be non-zero already and I don't know if the latter case is actually possible, i.e. if one can already attach to a process this early. If one can, then yes, that place needs to be modified, too. Thanks, Mathias
Powered by blists - more mailing lists