Re: [PATCH] proc: avoid leaking eip, esp, or wchan to non-privileged processes (fwd)
From: Eric W. Biederman
Date: Mon May 04 2009 - 02:09:44 EST
James Morris <jmorris@xxxxxxxxx> writes:
> diff --git a/fs/proc/base.c b/fs/proc/base.c
> index aa763ab..cd3c0d7 100644
> --- a/fs/proc/base.c
> +++ b/fs/proc/base.c
> @@ -319,6 +319,9 @@ static int proc_pid_wchan(struct task_struct *task, char
> *buffer)
> unsigned long wchan;
> char symname[KSYM_NAME_LEN];
>
> + if (!ptrace_may_access(task, PTRACE_MODE_READ))
> + return 0;
> +
> wchan = get_wchan(task);
>
> if (lookup_symbol_name(wchan, symname) < 0)
If the symbol is in the kernel it should be safe to return it's
name, all that is an information leak of a different sort.
Overall I expect we should return -EPERM here and not simply
an empty file.
Have you tested these patches against ps top and similar common
tools?
Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/