Re: As 2.0 looms

Ian Jackson (ian@chiark.chu.cam.ac.uk)
Tue, 30 Apr 96 22:08 BST


Marek Michalkiewicz writes ("Re: As 2.0 looms"):
...
> - /proc is still insecure :-(. You can open /proc/<pid>/mem and
> hold the file descriptor, then have the target process exec some
> setuid/setgid/unreadable program and read its memory at will.
> Not good for things like ssh - the secret host key is there...

Oh, ****, has this _still_ not been fixed ?

If I revamp my /proc-paranoia patch for 1.3.x, will it get accepted,
or should I not bother ?

Ian.