Re: /proc/*/mem and mmap() security hole?

Andrej Presern (andrejp@luz.fe.uni-lj.si)
Sat, 10 Jan 1998 03:15:31 +0100


linux kernel account wrote:
>
> On 9 Jan 1998, Benny Amorsen wrote:
>
> > >>>>> "AP" == Andrej Presern <andrejp@luz.fe.uni-lj.si> writes:
> >
> > AP> It makes me wonder if there is a way a process can prevent some
> > AP> other process from accessing any of its address space. Not being
> > AP> able to do so would open up a potential security hole that would
> > AP> enable the superuser to extract the information that is supposed
> > AP> to stay private by mmap()ing the address space of an interesting
> > AP> process into its own and examining (and possibly modifying) it.
> >
> > Would people please stop trying to protect a unix system from root?
> > Root can patch the kernel on the fly to get around any "protection".
>
> No, actually, with a proper securelevel implementation root can't.
> What happened to the patches for securelevel being a bitmap, and the
> ability to chmod /proc/[pid] dirs to hide their processes?
>
> Both of those were quite excellent, and are on my top 10 list.. :)

It would be nice to have this in the kernel.

Btw, does the current mmap() implementation work sufficiently well
when mmap()ing /proc/pid/mem (or does it work at all)? I saw some
remarks in the man page but have no idea whether this has actually
been implemented by now (and is safe to use) or not.

Andrej