Dumpable tasks and ownership of /proc/*/fd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



  Hello,

  I would like to ask why is /proc/*/fd owned by root when the task is
not dumpable - what security concern does it address? It would seem more
reasonable to me if the /proc/*/fd owner would be simply always the real
uid of the process.

  The issue is that now all tasks calling setuid() from root to non-root
during their lifetime will not be able to access their /proc/self/fd.
This is troublesome because the fstatat() and other *at() routines are
emulated by accessing /proc/self/fd/*/path and that will break with
setuid()ing programs, leading to various weird consequences (e.g. with
the latest glibc, nftw() does not work with setuid()ing programs and
furthermore causes the LSB testsuite to fail because of this, etc.).

  Thanks,

-- 
				Petr "Pasky" Baudis
Stuff: http://pasky.or.cz/
Right now I am having amnesia and deja-vu at the same time.  I think
I have forgotten this before.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux