On Thursday April 6, [email protected] wrote:
> > > I have concerns about security policy ...
> >
> > I'm not sure I understand. Only if you run that program, and if you
> > don't have access to the intermediate directory, how do you run it?
>
> It leaks information about the parts of the pathname below the
> directory that you otherwise would not be able to see. E.g. if
> I have $HOME/top-secret-projects/secret-code-name1/binary
> where the top-secret-projects directory isn't readable by you,
> then you may find out secret-code-name1 by reading the
> /proc/{pid}/exedir symlink.
But we already have /proc/{pid}/exe which is a symlink to the
executable, thus exposing all the directory names already.
NeilBrown
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
