Re: [PATCH] new syscall: flink

From: Wichert Akkerman (wichert@wiggy.net)
Date: Mon Apr 07 2003 - 13:47:19 EST

Next message: Werner Almesberger: "Re: [PATCH] new syscall: flink"
Previous message: Mark Mielke: "Re: An idea for prefetching swapped memory..."
In reply to: H. Peter Anvin: "Re: [PATCH] new syscall: flink"
Next in thread: Bill Rugolsky Jr.: "Re: [PATCH] new syscall: flink"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Previously H. Peter Anvin wrote:
> b) This is a security hole, in which case /proc needs to be fixed. In
> particular, the open("/proc/self/fd/3", O_RDWR) in my example above
> should return EPERM.

proc might not be a problem if you deal with a chroot or namespace which
doesn't have proc mounted and no processes running with mount
capabilities. flink could still be a problem in those situations.

Wichert.

-- 
Wichert Akkerman <wichert@wiggy.net>           http://www.wiggy.net/
A random hacker
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Werner Almesberger: "Re: [PATCH] new syscall: flink"
Previous message: Mark Mielke: "Re: An idea for prefetching swapped memory..."
In reply to: H. Peter Anvin: "Re: [PATCH] new syscall: flink"
Next in thread: Bill Rugolsky Jr.: "Re: [PATCH] new syscall: flink"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Mon Apr 07 2003 - 22:00:32 EST