Re: 2.2 imminent.. /proc security fix?
Jamie Lokier (lkd@tantalophile.demon.co.uk)
Thu, 15 Oct 1998 14:53:02 +0100
On Wed, Oct 14, 1998 at 06:49:02AM -0500, Mitchell Blank Jr wrote:
> As for the /proc/PID/* problem is to just check permissions on each
> read (I believe this is also done in the lastest 2.0's). The long
> term solution would be to have a 64 bit process number that is used
> internally in procfs. We shouldn't try to just garauntee that the PID
> itself won't be reused - it gets hairy if in the future we want to move
> to random PIDs (like OpenBSD) or some other scheme.
I fail to see why the open inode structure cannot be invalidated when a
process is destroyed. Note, the inode _number_ remains reusable. The
currently used structure (and dentry) should be invalidated. See
fs/bad_inode.c, make_bad_inode().
-- Jamie
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/