Re: 2.6.13: can kill X server but readlink of /proc/<pid>/exe et. al. says EACCES. feature?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Sep 06, 2005 at 08:50:41PM +0200, Frank van Maarseveen wrote:
> On Tue, Sep 06, 2005 at 06:57:37PM +0100, [email protected] wrote:
> > On Tue, Sep 06, 2005 at 07:53:49PM +0200, Frank van Maarseveen wrote:
> > > While I have access to /proc/<pid>, readlink fails with EACCES on
> > > 
> > > 	/proc/<pid>/exe
> > > 	/proc/<pid>/cwd
> > > 	/proc/<pid>/root
> > > 
> > > even when I own <pid> though it runs with a different effective/saved/fs
> > > uid such as the X server. This is a bit uncomfortable and doesn't
> > > seem right.
> > > 
> > > Or is this to make /proc mounting inside a chroot jail safe?
> > 
> > suid-root task does chdir() to place you shouldn't be able to access.
> > You do cd /proc/<pid>/cwd and get there anyway.  Bad Things Happen...
> 
> Ok, but being able to do readlink() does not mean that one can chdir(),
> usually.

follow_link on these guys does _not_ traverse parent directories.  So chdir()
checks are more relaxed that way.  Even if we made checks on readlink work
differently, we would still get an information leak - e.g. if task had
created a directory with pathname derived from sensitive data and did chdir
there.  Being able to kill a task != being able to see pieces of its state...

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]
  Powered by Linux