Re: [PATCH 2.6.12.3] Deny chmod in /proc/<pid>/

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Jan Engelhardt <[email protected]> wrote:
>
> >This patch tries to fix the strange behaviour in /proc/<pid>/,
> >where it is currently possible for the owner of a process to
> >temporarily chmod the entries.
>
> I am on 2.6.13-rc3-git5 and I do not see such behavior:
>
> 08:16 spectre:/proc/21345 # chown 1337 smaps
> 08:16 spectre:/proc/21345 # l -n smaps
> -r--r--r--  1 25121 0   0 Aug  3 08:16 smaps
> 08:16 spectre:/proc/21345 #

Did you mean "chmod"?  And I don't even have "smaps".

I tried this on 2.6.13-rc5 to make sure it hasn't been fixed since
2.6.12.3.  Here is a sample session to illustrate the problem:

	$ uname -sr
	Linux 2.6.13-rc5
	$ ./a.out &
	[2] 181
	$ cd /proc/181
	$ ls -l
	total 0
	-r--------   1 jpv      user            0 Aug  3 11:37 auxv
	-r--r--r--   1 jpv      user            0 Aug  3 11:37 cmdline
	lrwxrwxrwx   1 jpv      user            0 Aug  3 11:37 cwd -> ...
	-r--------   1 jpv      user            0 Aug  3 11:37 environ
	lrwxrwxrwx   1 jpv      user            0 Aug  3 11:37 exe -> ...
	dr-x------   2 jpv      user            0 Aug  3 11:37 fd
	-r--r--r--   1 jpv      user            0 Aug  3 11:37 maps
	-rw-------   1 jpv      user            0 Aug  3 11:37 mem
	-r--r--r--   1 jpv      user            0 Aug  3 11:37 mounts
	-rw-r--r--   1 jpv      user            0 Aug  3 11:37 oom_adj
	-r--r--r--   1 jpv      user            0 Aug  3 11:37 oom_score
	lrwxrwxrwx   1 jpv      user            0 Aug  3 11:37 root -> /
	-rw-------   1 jpv      user            0 Aug  3 11:37 seccomp
	-r--r--r--   1 jpv      user            0 Aug  3 11:37 stat
	-r--r--r--   1 jpv      user            0 Aug  3 11:37 statm
	-r--r--r--   1 jpv      user            0 Aug  3 11:37 status
	dr-xr-xr-x   3 jpv      user            0 Aug  3 11:37 task
	-r--r--r--   1 jpv      user            0 Aug  3 11:37 wchan
	$ chmod 7777 auxv cmdline environ fd m* o* s* task wchan
	$ ls -l
	total 0
	-rwsrwsrwt   1 jpv      user            0 Aug  3 11:37 auxv
	-rwsrwsrwt   1 jpv      user            0 Aug  3 11:37 cmdline
	lrwxrwxrwx   1 jpv      user            0 Aug  3 11:37 cwd -> ...
	-rwsrwsrwt   1 jpv      user            0 Aug  3 11:37 environ
	lrwxrwxrwx   1 jpv      user            0 Aug  3 11:37 exe -> ...
	drwsrwsrwt   2 jpv      user            0 Aug  3 11:37 fd
	-rwsrwsrwt   1 jpv      user            0 Aug  3 11:37 maps
	-rwsrwsrwt   1 jpv      user            0 Aug  3 11:37 mem
	-rwsrwsrwt   1 jpv      user            0 Aug  3 11:37 mounts
	-rwsrwsrwt   1 jpv      user            0 Aug  3 11:37 oom_adj
	-rwsrwsrwt   1 jpv      user            0 Aug  3 11:37 oom_score
	lrwxrwxrwx   1 jpv      user            0 Aug  3 11:37 root -> /
	-rwsrwsrwt   1 jpv      user            0 Aug  3 11:37 seccomp
	-rwsrwsrwt   1 jpv      user            0 Aug  3 11:37 stat
	-rwsrwsrwt   1 jpv      user            0 Aug  3 11:37 statm
	-rwsrwsrwt   1 jpv      user            0 Aug  3 11:37 status
	drwsrwsrwt   3 jpv      user            0 Aug  3 11:37 task
	-rwsrwsrwt   1 jpv      user            0 Aug  3 11:37 wchan
	$ eatmem
	malloc: Cannot allocate memory
	$ ls -l
	total 0
	-r--------   1 jpv      user            0 Aug  3 11:44 auxv
	-r--r--r--   1 jpv      user            0 Aug  3 11:44 cmdline
	lrwxrwxrwx   1 jpv      user            0 Aug  3 11:44 cwd -> ...
	-r--------   1 jpv      user            0 Aug  3 11:44 environ
	lrwxrwxrwx   1 jpv      user            0 Aug  3 11:44 exe -> ...
	dr-x------   2 jpv      user            0 Aug  3 11:44 fd
	-r--r--r--   1 jpv      user            0 Aug  3 11:44 maps
	-rw-------   1 jpv      user            0 Aug  3 11:44 mem
	-r--r--r--   1 jpv      user            0 Aug  3 11:44 mounts
	-rw-r--r--   1 jpv      user            0 Aug  3 11:44 oom_adj
	-r--r--r--   1 jpv      user            0 Aug  3 11:44 oom_score
	lrwxrwxrwx   1 jpv      user            0 Aug  3 11:44 root -> /
	-rw-------   1 jpv      user            0 Aug  3 11:44 seccomp
	-r--r--r--   1 jpv      user            0 Aug  3 11:44 stat
	-r--r--r--   1 jpv      user            0 Aug  3 11:44 statm
	-r--r--r--   1 jpv      user            0 Aug  3 11:44 status
	dr-xr-xr-x   3 jpv      user            0 Aug  3 11:44 task
	-r--r--r--   1 jpv      user            0 Aug  3 11:44 wchan

> Though, chmod /proc/21345 correctly yielded EPERM.

That's because the /proc/<pid> directories are S_IMMUTABLE, so the
problem doesn't arise there.

	Johan Veenhuizen
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]
  Powered by Linux