Re: [PATCH] restrict reading from /proc/<pid>/maps to those who share ->mm or can ptrace pid

From: Al Viro
Date: Sat Jan 05 2008 - 04:49:18 EST


On Sat, Jan 05, 2008 at 01:31:09AM -0800, Andrew Morton wrote:
> On Wed, 2 Jan 2008 14:09:57 +0000 Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
>
> > Contents of /proc/*/maps is sensitive and may become sensitive
> > after open() (e.g. if target originally shares our ->mm and later
> > does exec on suid-root binary).
>
> um, which contents?

Information about the addresses where libraries, etc. got mapped, to
start with - if you have that randomized, you don't want it seen
by attacker who tries to escalate...

> > Check at read() (actually, ->start() of iterator) time that
> > mm_struct we'd grabbed and locked is
> > * still the ->mm of target
> > * equal to reader's ->mm or the target is ptracable by reader.
> >
>
> Specifically, do /proc/pid/smaps and the maps4 goodies in -mm need similar
> treatment?

They differ only in ->show(), so this patch takes care of them as well...
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/