Re: [PATCH v3] proc: fix races against execve() of /proc/PID/fd**

From: Andrew Morton
Date: Mon Aug 29 2011 - 19:05:51 EST

Next message: Andrew Morton: "Re: [PATCH] mm: fix page-faults detection in swap-token logic"
Previous message: Andrew Morton: "Re: [PATCH v3] proc: fix races against execve() of /proc/PID/fd**"
In reply to: Andrew Morton: "Re: [PATCH v3] proc: fix races against execve() of /proc/PID/fd**"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 29 Aug 2011 22:00:11 +0400
Vasiliy Kulikov <segoon@xxxxxxxxxxxx> wrote:

> Used existing (un)lock_trace functions to check for ptrace_may_access(),
> but instead of using EPERM return code from it use EACCES to be
> consistent with existing proc_pid_follow_link()/proc_pid_readlink()
> return code. If they differ, attacker can guess what fds exist by
> analyzing stat() return code.

doh, I missed that bit. Fair enough.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: [PATCH] mm: fix page-faults detection in swap-token logic"
Previous message: Andrew Morton: "Re: [PATCH v3] proc: fix races against execve() of /proc/PID/fd**"
In reply to: Andrew Morton: "Re: [PATCH v3] proc: fix races against execve() of /proc/PID/fd**"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]