Andreas Schwab <[email protected]> writes:
> Neil Brown <[email protected]> writes:
>
>> On Thursday April 6, [email protected] wrote:
>>> > > I have concerns about security policy ...
>>> >
>>> > I'm not sure I understand. Only if you run that program, and if you
>>> > don't have access to the intermediate directory, how do you run it?
>>>
>>> It leaks information about the parts of the pathname below the
>>> directory that you otherwise would not be able to see. E.g. if
>>> I have $HOME/top-secret-projects/secret-code-name1/binary
>>> where the top-secret-projects directory isn't readable by you,
>>> then you may find out secret-code-name1 by reading the
>>> /proc/{pid}/exedir symlink.
>>
>> But we already have /proc/{pid}/exe which is a symlink to the
>> executable, thus exposing all the directory names already.
>
> Neither of which should be readable by anyone but the owner of the
> process, which is the one who was able to read the secret directory in the
> first place.
In most cases. It is possible you got the executable through
file descriptor passing and the like.
The security check in -mm allows anyone who may ptrace the
process to have read access. In 2.6.17-rc1 the check is
still the owner of the process and anyone with CAP_DAC_ACCESS
may read or use the link.
Eric
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]