Re: Leaking path for set_task_comm

From: Alan Cox
Date: Fri Sep 28 2018 - 03:42:43 EST



> Trying to depend on task name for anything security sensitive is at
> _really_ bad idea, so it seems unlikely that a LSM would want to
> protect the process name. (And if they did, the first thing I would
> ask is "Why? What are you trying to do? Do you realize how many
> *other* ways the process name can be spoofed or otherwise controlled
> by a potentially malicious user?")

Two processes that should not be able to otherwise communicate can keep
changing their name to a chunk of data, waiting for an ack flag name
change back.

Alan