Re: question about /proc/<PID>/mem in 2.4 (fwd)
From: Alan Cox
Date: Fri Jul 23 2004 - 12:37:31 EST
On Sun, Jul 18, 2004 at 01:41:34PM +0100, Tigran Aivazian wrote:
> > | setuidapp < /proc/self/mem
> >
> > ...
> > See Alan's example I've quoted above. In this scenario, it would be
> > the program being attacked which will be checked for possession of the
> > capability... if it is SUID root, the attack will succeed.
>
> In the above example there is nothing forbidden and the current state of
> things doesn't prevent the program from reading it's own address space.
I meant to say exec setuidapp </proc/self/mem
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/