On Tue, Sep 13, 2005 at 07:53:40AM -0700, Linus Torvalds wrote:
> So this patch is _wrong_.
Definitely.
> I think the problem is "proc_check_root()", which just refuses to do a lot
> of things without a fs. Many of those things are unnecessary, afaik - we
> should allow it. But allowing it means that some other paths may need more
> checking..
>
> So you can _try_ to just make proc_check_root() return 0 when
> proc_root_link() returns an error...
I very much doubt the correctness of that.
The real problem here is obvious: it's about permissions on /proc/<pid>/task.
That's where the things go wrong - we use proc_permission() for it and we
have group leader as associated task.
Note that stuff _in_ proc/<pid>/task will keep working just fine, if we
manage to get to it - there we have other threads as associated tasks,
so everything works as it should.
What we need is to decide what kind of access control do we really want on
/proc/<pid>/task. That's it.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
| |
 |