Re: ls -l /proc/1/exe -> Permission denied

From: Joakim Tjernlund
Date: Sun Jul 20 2014 - 15:15:49 EST

Next message: Linda A. Walsh: "Howto tell kernel to use 4096 as granularity & minimum size?"
Previous message: Kees Cook: "Re: Commit d9e7972619334656 breaks KVM's virtio-rng-pci"
In reply to: Richard Weinberger: "Re: ls -l /proc/1/exe -> Permission denied"
Next in thread: Richard Weinberger: "Re: ls -l /proc/1/exe -> Permission denied"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Richard Weinberger <richard@xxxxxx> wrote on 2014/07/20 14:05:41:
>
> Am 20.07.2014 13:51, schrieb Andreas Schwab:
> > Richard Weinberger <richard.weinberger@xxxxxxxxx> writes:
> >> Do you have an example?
> >
> > proc symlinks are special because they actually resolve to the inode.
>
> Ah. If an attacker manages the kernel to follow the symlink he could
> indirectly access that file.
> Thanks for pointing this out!

That is a big if, I read this as you don't trust the kernels impl.
of proc sym links so paper over this with denying all other to read
trivial
data such as the exe sym link.

Jocke
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Linda A. Walsh: "Howto tell kernel to use 4096 as granularity & minimum size?"
Previous message: Kees Cook: "Re: Commit d9e7972619334656 breaks KVM's virtio-rng-pci"
In reply to: Richard Weinberger: "Re: ls -l /proc/1/exe -> Permission denied"
Next in thread: Richard Weinberger: "Re: ls -l /proc/1/exe -> Permission denied"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]