Re: [PATCH] restrict reading from /proc/<pid>/maps to those who share ->mm or can ptrace pid

From: Al Viro
Date: Sat Jan 05 2008 - 04:49:18 EST

Next message: Adrian Bunk: "Re: [patch 1/2] move WARN_ON() out of line"
Previous message: Adrian Bunk: "Re: [2.6.25 patch] remove a.out interpreter for ELF executables"
In reply to: Andrew Morton: "Re: [PATCH] restrict reading from /proc/<pid>/maps to those whoshare ->mm or can ptrace pid"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Jan 05, 2008 at 01:31:09AM -0800, Andrew Morton wrote:
> On Wed, 2 Jan 2008 14:09:57 +0000 Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
>
> > Contents of /proc/*/maps is sensitive and may become sensitive
> > after open() (e.g. if target originally shares our ->mm and later
> > does exec on suid-root binary).
>
> um, which contents?

Information about the addresses where libraries, etc. got mapped, to
start with - if you have that randomized, you don't want it seen
by attacker who tries to escalate...

> > Check at read() (actually, ->start() of iterator) time that
> > mm_struct we'd grabbed and locked is
> > * still the ->mm of target
> > * equal to reader's ->mm or the target is ptracable by reader.
> >
>
> Specifically, do /proc/pid/smaps and the maps4 goodies in -mm need similar
> treatment?

They differ only in ->show(), so this patch takes care of them as well...
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Adrian Bunk: "Re: [patch 1/2] move WARN_ON() out of line"
Previous message: Adrian Bunk: "Re: [2.6.25 patch] remove a.out interpreter for ELF executables"
In reply to: Andrew Morton: "Re: [PATCH] restrict reading from /proc/<pid>/maps to those whoshare ->mm or can ptrace pid"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]