[PATCH] proc: Document why writing to /proc/pid/mem is a security hazard.

From: Stephen Wilson
Date: Fri Mar 04 2011 - 20:40:14 EST

Next message: Randy Dunlap: "[PATCH 1/2] kernel/signal.c: fix style and typos etc."
Previous message: Randy Dunlap: "[PATCH -next] staging: altera-jtag needs delay.h"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Signed-off-by: Stephen Wilson <wilsons@xxxxxxxx>
---
fs/proc/base.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/fs/proc/base.c b/fs/proc/base.c
index 9d096e8..9d55b7b 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -832,7 +832,11 @@ out_no_task:
#define mem_write NULL

#ifndef mem_write
-/* This is a security hazard */
+/*
+ * As implemented, mem_write would be a security hazard if enabled. For
+ * example, the target task could exec a setuid-root binary between the
+ * permission check and the write into memory.
+ */
static ssize_t mem_write(struct file * file, const char __user *buf,
size_t count, loff_t *ppos)
{
--
1.7.3.5

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Randy Dunlap: "[PATCH 1/2] kernel/signal.c: fix style and typos etc."
Previous message: Randy Dunlap: "[PATCH -next] staging: altera-jtag needs delay.h"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]