On Wed, Sep 14, 2005 at 07:31:12PM -0500, Sripathi Kodi wrote:
> I can move this code from proc_root_link() to proc_check_root(), but it
> will still not be completely limited to ->permission() path. I can create a
> separate ->permission() for proc_task_inode_operations, and have this
> additional code there. If I do that, I think I will have to duplicate much
> of proc_check_root(). Or else, I will have to split proc_check_root() into
> two functions to prevent code duplication. Please let me know if any of
> these makes sense, and I will send another patch.
The last variant would be preferable if we go in that direction...
> If you don't like this idea at all, please let me know if there any other
> way of solving the invisible threads problem, short of taking out
> ->permission() altogether from proc_task_inode_operations.
Frankly, I don't see the rationale for combination of
* allowing anyone see all processes in top-level directory and
visit their directories, chroot or not
* allowing anyone see /proc/<pid>/task/*, unless separated by
chroot (note that we allow that regardless of process ownership, etc.)
* disallowing to see /proc/<pid>/task/* if leader is or used to be
outside of our chroot.
IOW, it's either too weak or too strong; current rules make very little
sense, regardless of the behaviour when group leader dies.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
| |
 |