Re: question about /proc/<PID>/mem in 2.4

From: Tigran Aivazian
Date: Tue Jul 06 2004 - 06:23:25 EST


On Tue, 6 Jul 2004, Arjan van de Ven wrote:
> may I ask what the point is ?

Yes, sure. I asked about the point of this check in the function
fs/proc/base.c:mem_read() (in 2.4 but 2.6 is similar):

	if (!MAY_PTRACE(task) || !may_ptrace_attach(task))
		return -ESRCH;

If you check the definition of the MAY_PTRACE() macro and the
may_ptrace_attach() function, then you will notice that if a typical root
process (uid=euid=0) tries to read the /proc/<PID>/mem file for a process
other than itself or one of its children then MAY_PTRACE() will return 0
and therefore the above check will be if (1 || !may_ptrace_attach(task))
and thus evaluate to 1 and return -ESRCH.

Therefore, even a privileged process (with the CAP_SYS_PTRACE capability)
is not allowed to read an arbitrary process's /proc/<PID>/mem file.

This can be worked around by writing a (GPL of course) module but I didn't
want to spend time writing it (although actually I went ahead and started
writing it yesterday evening anyway :) if the above check is erroneous and
can simply be relaxed to allow root to read it. This will save me time and
effort, that's all.

But if the above check is there for a good reason, then I would like to
know what that reason is, exactly.

Kind regards
Tigran
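
The short-circuit described in the message above, as an added user-space model that is not kernel source and not part of the original post. The struct, the sample tasks and the traced-and-stopped condition for a child are assumptions of this model; only the shape of the `if` comes from the quoted check.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed user-space stand-in for a task; not the kernel's task_struct. */
struct task {
    int uid;
    bool cap_sys_ptrace;       /* holds CAP_SYS_PTRACE */
    bool dumpable;
    bool traced_stopped;       /* assumed extra condition for a child */
    const struct task *parent;
};

static int attach_calls;       /* how often the credential check actually ran */

/* Model of MAY_PTRACE(): target is the reader itself or its traced, stopped child. */
static bool may_ptrace(const struct task *cur, const struct task *t)
{
    return t == cur || (t->parent == cur && t->traced_stopped);
}

/* Model of may_ptrace_attach(): CAP_SYS_PTRACE, or matching uid and dumpable target. */
static bool may_ptrace_attach(const struct task *cur, const struct task *t)
{
    attach_calls++;
    return cur->cap_sys_ptrace || (cur->uid == t->uid && t->dumpable);
}

/* The check quoted in the message: both conditions must hold, else -ESRCH. */
static int mem_read_check(const struct task *cur, const struct task *t)
{
    if (!may_ptrace(cur, t) || !may_ptrace_attach(cur, t))
        return -ESRCH;
    return 0;
}

/* Constructed tasks: a root shell, its traced child, an unrelated daemon. */
static const struct task root_sh = { 0, true, true, false, NULL };
static const struct task child = { 1000, false, true, true, &root_sh };
static const struct task httpd = { 33, false, true, false, NULL };
int read_self(void) { return mem_read_check(&root_sh, &root_sh); }
int read_child(void) { return mem_read_check(&root_sh, &child); }
int read_unrelated(void) { return mem_read_check(&root_sh, &httpd); }
int attach_call_count(void) { return attach_calls; }

int main(void)
{
    printf("unrelated=%d attach_calls=%d\n", read_unrelated(), attach_call_count());
    return 0;
}
```

For the unrelated target the capability-aware function is never reached, which is why holding CAP_SYS_PTRACE makes no difference to the result in this model.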

