question about /proc/<PID>/mem in 2.4
From: Tigran Aivazian
Date: Mon Jul 05 2004 - 07:51:58 EST
Hello,
I noticed that in 2.4.x kernels the fs/proc/base.c:mem_read() function has
this permission check:
if (!MAY_PTRACE(task) || !may_ptrace_attach(task))
return -ESRCH;
Are you sure it shouldn't be like this instead:
if (!MAY_PTRACE(task) && !may_ptrace_attach(task))
return -ESRCH;
Because, normally MAY_PTRACE() is 0 (i.e. for any process worth looking at :)
so may_ptrace_attach() is never even called.
Is there any reason for the above check on each read(2)? Shouldn't there
be a simple check at ->open() time only? I assume this is to close some
obscure "security hole" but I would like to see the explanation of how
could any problem arise if a) such check wasn't done at all (except at
open(2) time) or at least b) there was && instead of ||.
The 2.6.x situation is similar except the addition of the security stuff.
Kind regards
Tigran
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/