Re: [PATCH] Security fix for 2.1.111, 2.0.x forwardport

Chris Wedgwood (chris@cybernet.co.nz)
Thu, 30 Jul 1998 12:30:49 +1200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mark Lord: "The Patch to re-enable IDE-DMA"
Previous message: Andrej Presern: "Re: Corruption Stats: Suggested Blacklist from the data"
In reply to: Rik van Riel: "Re: LKPK (Live Kernel Patching Kit)"

On Sun, Jul 26, 1998 at 10:23:14PM +0100, Alan Cox wrote:

> The only other one I can find off hand is the /proc stuff - sitting with
> /proc/somepid/file open when the PID is reused.

I've been trying to think of a good way to avoid this - and can't
really think of anything terribly useful.

One (ugly hack) that does come to mind though, is, if it is possible
to find all files open referencing and inode between (X & Y), then
when pid n exits, close any open descriptors associated with
inode (n<<16 & 0xFFFF0000).

It would also require revoking an mmap'd pages from /proc/n/mem - but
then again, it looks like mmap on /proc/n/mem shouldn't be allowed
anyhow.

Feasible?

-cw

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html

Next message: Mark Lord: "The Patch to re-enable IDE-DMA"
Previous message: Andrej Presern: "Re: Corruption Stats: Suggested Blacklist from the data"
In reply to: Rik van Riel: "Re: LKPK (Live Kernel Patching Kit)"