Re: [RFC][PATCH] scripts with stdin replaced

Richard Guenther (zxmpm11@student.uni-tuebingen.de)
Mon, 12 Jul 1999 18:00:29 +0200 (METDST)


On Mon, 12 Jul 1999, Jamie Lokier wrote:

> Richard Guenther wrote:
> > > I don't understand. Do you have suid scripts in your boot process?
> > > Or do you mean that you used /proc/self/fd regardless of whether the script
> > > was setuid or not?
> >
> > Yes. I made it "dumb and generic" - passing /proc/self/fd only
> > if the script is setuid seems ok and would probably fix the problem.
>
> How about checking if procfs is mounted? This fix is done for security,
> but it's really a correctness thing and as such I'd like non-setuid
> scripts to be just as correct.

Umm, how? I will probably add an #ifdef CONFIG_PROC around the
suid stuff, but if /proc is just not mounted, it does either
fail (no such file) or err, somebody could stick a trojan horse
to /dev/fd/3? Well, root could. But root could exec the file
suid anyway.

Richard.

--
Richard Guenther <richard.guenther@student.uni-tuebingen.de>
PGP: 2E829319 - 2F 83 FC 93 E9 E4 19 E2 93 7A 32 42 45 37 23 57
WWW: http://www.anatom.uni-tuebingen.de/~richi/
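
Added example, not part of the original message or of the patch under discussion: one userspace way to tell a real procfs mount from a missing or look-alike directory before building a /proc/self/fd/N name, by checking the filesystem magic with statfs(). The function names `on_procfs` and `script_fd_path` are hypothetical, and the in-kernel check the thread asks about would look different.

```c
#include <stdio.h>
#include <sys/vfs.h>      /* statfs() */
#include <linux/magic.h>  /* PROC_SUPER_MAGIC */

/* Returns 1 if `path` lives on a procfs mount, 0 if it lives on some other
 * filesystem, -1 if it cannot be examined (for example /proc is not mounted
 * and the directory does not exist). */
int on_procfs(const char *path)
{
    struct statfs sfs;

    if (statfs(path, &sfs) != 0)
        return -1;
    return sfs.f_type == PROC_SUPER_MAGIC ? 1 : 0;
}

/* Build the name an interpreter would be handed for descriptor `fd`.
 * Returns 0 on success. Returns -1 when procfs is not really there, so the
 * caller refuses instead of falling back to a path such as /dev/fd/N that
 * may be an ordinary file somebody placed there. */
int script_fd_path(int fd, char *buf, size_t len)
{
    int n;

    if (fd < 0 || on_procfs("/proc/self/fd") != 1)
        return -1;
    n = snprintf(buf, len, "/proc/self/fd/%d", fd);
    return (n > 0 && (size_t)n < len) ? 0 : -1;
}

int main(void)
{
    char name[32];

    /* Descriptor 3 is a constructed sample value, as in the message. */
    if (script_fd_path(3, name, sizeof name) == 0)
        printf("would pass %s to the interpreter\n", name);
    else
        printf("procfs not available, refusing\n");
    return 0;
}
```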
