Re: [patch] /proc fix and experimental security patch

Vadim E. Kogan (vadim@vadim.gem.net)
Mon, 15 Jun 1998 02:58:48 -0700


Alan Cox wrote:
>
> > - int ino = inode->i_ino & 0xffff;
> >
> > read_lock(&tasklist_lock);
> > if (fill && (p = find_task_by_pid(pid)) != NULL) {
> > - if (p->dumpable || ino == PROC_PID_INO) {
> > - inode->i_uid = p->euid;
> > - inode->i_gid = p->gid;
> > - }
> > + inode->i_uid = p->euid;
> > + inode->i_gid = p->gid;
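Review bot: dropping the `p->dumpable || ino == PROC_PID_INO` guard makes every /proc/<pid> inode take the process's current `euid`/`gid` unconditionally, so a process that started setuid and later dropped privileges ends up with its /proc entries (the `mem` file included) owned by the unprivileged uid, which is precisely the case the dumpable flag exists to protect; keep the guard so that only the directory inode itself (`PROC_PID_INO`) is exempt, as before, and leave the ownership of non-dumpable inodes unchanged instead of removing both the check and the `ino` computation.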
>
> This appears to be a security hole.
>
> Setuid processes in unix are driven on the basis that even if they drop the
> setuid they may contain information that is 'private'. You can neither
> ptrace nor core dump them. Now you appear to have added the ability to
> access their 'mem' file in /proc freely.
Aha. That's why I was asking how it should be...

So, what to do here? Maybe it's correct to have the /proc/pid dir for that
process be the old uid/gid?

Vadim

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu