Re: /proc/*/mem and mmap() security hole?

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Glenn C. Hofmann: "All those confirmation notices from CWRU"
• Previous message: Richard Waltham: "Re: MS-PNR interface card"
• Maybe in reply to: Andrej Presern: "/proc/*/mem and mmap() security hole?"
• Next in thread: Andrej Presern: "Re: /proc/*/mem and mmap() security hole?"

Hello

While working on a project I learned that a process can
mmap() another process' address space (owned by the same
user) via /proc/pid/mem. Now it makes me wonder if there
is a way a process can prevent some other process from
accessing any of its address space. Not being able to do
so would open up a potential security hole that would
enable the superuser to extract the information that is
supposed to stay private by mmap()ing the address space
of an intresting process into its own and examining (and
possibly modifying) it.

root can do anything anyhow. If you prevent this then root can just mmap to
/proc/kcore and get as stuff anyhow.

This is almost nothing you can do against evil superusers.... in general if
you don't piss them off, you won't get larted because they usually have much
better things to do...

In general the ability to mmap to other processes is _way_ kewl and very
useful for debugging, etc. Removing this ability would gain nothing...

-Chris

• Next message: Glenn C. Hofmann: "All those confirmation notices from CWRU"
• Previous message: Richard Waltham: "Re: MS-PNR interface card"
• Maybe in reply to: Andrej Presern: "/proc/*/mem and mmap() security hole?"
• Next in thread: Andrej Presern: "Re: /proc/*/mem and mmap() security hole?"