[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: /proc filesystem allows bypassing directory permissions on

To: mrex@xxxxxxx
Subject: Re: /proc filesystem allows bypassing directory permissions on
From: Pavel Machek <pavel@xxxxxx>
Date: Thu, 29 Oct 2009 21:36:46 +0100

Hi!

> There are two conceivable approaches to implementing the open() for
> a filedescriptor shown in /proc.  Either go throuh the inode and
> check the access permissions on the file at the current time
> (which is a sensible implementation and what the kernel seems
> to be currently doing), or implement it as a dup() and transfer
> of the filedescriptor.  (Tranfering open filedescriptors between
> processes can also be done by IPC).  Implemetenting it via dup()
> would probably keep the original filedescriptor attributes
> (such as read-only) but would require an entirely seperate
> approach to access control (who is allowed to dup() that filedescriptor),
> and it would create problems:  like you would not be able to look
> into files that were opened only for write through /proc, which
> would seriously impair the usefulness of the fd-listing in /proc.

Doing it as dup() is indeed the way to go. /proc/*/fd/ already needs
same uid, so...

                                                                Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) 
http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

References:
- Re: /proc filesystem allows bypassing directory permissions on Linux
  - From: Pavel Machek
- Re: /proc filesystem allows bypassing directory permissions on
  - From: Martin Rex

Prev by Date: SafeNet SoftRemote Local Buffer Overflow - Security Advisory - SOS-09-008
Next by Date: [SECURITY] [DSA 1923-1] New libhtml-parser-perl packages fix denial of service
Previous by thread: Re: /proc filesystem allows bypassing directory permissions on
Next by thread: Re: /proc filesystem allows bypassing directory permissions on Linux
Index(es):
- Date
- Thread