procfs permissions on 2.6.x
From: Herbert Poetzl
Date: Sat Jul 03 2004 - 15:24:03 EST
Hi Andrew!
stumbled over the following detail ...
usually when somebody tries to modify an inode,
notify_change() calls inode_change_ok() to verify
the user's permissions ... now it seems that
somewhere around 2.5.41, a patch similar to this
one was included into the mainline, and remained
almost unmodified ...
http://www.uwsg.iu.edu/hypermail/linux/kernel/0210.1/1002.html
this probably unintentionally circumvents the
inode_change_ok() check, so that now any user
can modify inodes of the procfs.
example:
$ chmod a-rwx /proc/cmdline
the following patch hopefully fixes this, so
please consider for inclusion ...
TIA,
Herbert
diff -NurpP --minimal linux-2.6.7/fs/proc/generic.c linux-2.6.7-fix/fs/proc/generic.c
--- linux-2.6.7/fs/proc/generic.c 2004-06-16 07:20:26.000000000 +0200
+++ linux-2.6.7-fix/fs/proc/generic.c 2004-07-03 21:50:30.000000000 +0200
@@ -241,8 +241,20 @@ static int proc_notify_change(struct den
return error;
}
+static int proc_setattr(struct dentry *dentry, struct iattr *iattr)
+{
+ struct inode *inode = dentry->d_inode;
+ int error;
+
+ error = inode_change_ok(inode, iattr);
+ if (error)
+ return error;
+ error = proc_notify_change(dentry, iattr);
+ return error;
+}
+
static struct inode_operations proc_file_inode_operations = {
- .setattr = proc_notify_change,
+ .setattr = proc_setattr,
};
/*
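Review bot: the wrapper is correct as far as it goes, but since proc_notify_change() is static and (in this hunk) only ever reached through .setattr, the inode_change_ok() call could simply be placed at the top of proc_notify_change() itself, avoiding a second function whose only job is to forward. The VFS notify_change() runs inode_change_ok() only when no i_op->setattr is supplied, so a filesystem that installs its own setattr takes over responsibility for that permission check; a one-line comment above proc_setattr() saying so would make the intent obvious to the next reader. Minor style point: `error = proc_notify_change(dentry, iattr); return error;` can be written as `return proc_notify_change(dentry, iattr);`.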
@@ -472,7 +484,7 @@ static struct file_operations proc_dir_o
*/
static struct inode_operations proc_dir_inode_operations = {
.lookup = proc_lookup,
- .setattr = proc_notify_change,
+ .setattr = proc_setattr,
};
static int proc_register(struct proc_dir_entry * dir, struct proc_dir_entry * dp)
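Review bot: switching proc_dir_inode_operations to proc_setattr() closes the same hole for directories, but the patch only touches the two inode_operations tables visible in generic.c; before merging, it is worth confirming that no other procfs inode_operations (in other files under fs/proc/) still wires `.setattr = proc_notify_change` directly, since any such table would keep the unchecked path the mail describes.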