Re: As 2.0 looms

Marek Michalkiewicz (marekm@i17linuxb.ists.pwr.wroc.pl)
Mon, 6 May 1996 19:20:47 +0200 (MET DST)


> > - /proc is still insecure :-(. You can open /proc/<pid>/mem and
> > hold the file descriptor, then have the target process exec some
> > setuid/setgid/unreadable program and read its memory at will.
> > Not good for things like ssh - the secret host key is there...
>
> Oh, ****, has this _still_ not been fixed ?

Quick fix in .96, but breaks at least some versions of strace. Changed
in .98 - strace works again, but I think there may be a race condition
if read() passes the checks, sleeps on memcpy_tofs() due to a swap-in,
and the target process execs a setuid program in this time window.

> If I revamp my /proc-paranoia patch for 1.3.x, will it get accepted,
> or should I not bother ?

Ask Linus :-). He might not like encoding the flag in the sticky bit of
/proc - maybe add a struct proc_sb_info containing mount flags (there
might be more in the future) like other filesystems do.

Marek
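
The race described in the message above, reduced to a user-space model (an added example, not part of the original message and not kernel code): a permission check that runs once before a copy that can sleep, next to a variant that stages the copy and re-validates before releasing it. The struct, the functions and the exec counter are hypothetical names chosen for the illustration.

```c
#include <stddef.h>
#include <string.h>
/* Toy model, not kernel code: all names here are hypothetical. */
struct task {
    unsigned exec_gen;   /* bumped on every exec */
    int privileged;      /* 1 once a setuid/unreadable image is running */
    char mem[16];        /* stands in for the process address space */
};
typedef void (*hook_fn)(struct task *);  /* runs while the reader "sleeps" */

/* The target execs a setuid program; its memory now holds a secret. */
static void exec_setuid(struct task *t) {
    t->exec_gen++;
    t->privileged = 1;
    memcpy(t->mem, "SETUID-SECRET", 14);  /* constructed sample value */
}

/* Check once, then copy: the copy can sleep after the check has passed. */
static long read_check_first(struct task *t, char *dst, size_t n, hook_fn during_sleep) {
    if (n > sizeof t->mem) n = sizeof t->mem;
    if (t->privileged) return -1;
    if (during_sleep) during_sleep(t);    /* swap-in: target execs here */
    memcpy(dst, t->mem, n);
    return (long)n;
}

/* Copy to a staging buffer, re-validate, and only then release the data. */
static long read_recheck(struct task *t, unsigned gen_at_open, char *dst,
                         size_t n, hook_fn during_sleep) {
    char tmp[sizeof t->mem];
    if (n > sizeof tmp) n = sizeof tmp;
    if (t->privileged || t->exec_gen != gen_at_open) return -1;
    if (during_sleep) during_sleep(t);
    memcpy(tmp, t->mem, n);
    if (t->privileged || t->exec_gen != gen_at_open) {
        memset(tmp, 0, sizeof tmp);       /* drop what was copied */
        return -1;
    }
    memcpy(dst, tmp, n);
    return (long)n;
}

int main(void) {
    struct task a = {0, 0, "plain data"}, b = {0, 0, "plain data"};
    char out_a[16] = {0}, out_b[16] = {0};
    long ra = read_check_first(&a, out_a, sizeof out_a, exec_setuid);
    long rb = read_recheck(&b, b.exec_gen, out_b, sizeof out_b, exec_setuid);
    return !(ra == 16 && rb == -1 && out_b[0] == 0);
}
```

In the model the first reader returns the post-exec contents even though its check passed, while the second returns an error and leaves the caller's buffer untouched.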