Re: /proc/*/mem and mmap() security hole?

Iñaky Pérez González (inaky@peloncho.fis.ucm.es)
Fri, 09 Jan 1998 13:53:44 +0100


Hi

Andrej> Hello. While working on a project I learned that a process can
Andrej> mmap() another process' address space (owned by the same user)
Andrej> via /proc/pid/mem. Now it makes me wonder if there is a way a
Andrej> process can prevent some other process from accessing any of
Andrej> its address space. Not being able to do so would open up a
Andrej> potential security hole that would enable the superuser to
Andrej> extract the information that is supposed to stay private by
Andrej> mmap()ing the address space of an interesting process into its
Andrej> own and examining (and possibly modifying) it.

inaky@jovian:~/.correo % ls -l /proc/self/
total 0
-r--r--r-- 1 inaky inaky 0 Jan 9 13:51 cmdline
lrwx------ 1 inaky inaky 0 Jan 9 13:51 cwd -> /home/usr/inaky/.correo
-r-------- 1 inaky inaky 0 Jan 9 13:51 environ
lrwx------ 1 inaky inaky 0 Jan 9 13:51 exe -> /bin/ls
dr-x------ 1 inaky inaky 0 Jan 9 13:51 fd
pr--r--r-- 1 inaky inaky 0 Jan 9 13:51 maps
-rw------- 1 inaky inaky 0 Jan 9 13:51 mem
^^^^^^^^^^ Only root or me can mmap() this file
lrwx------ 1 inaky inaky 0 Jan 9 13:51 root -> /
-r--r--r-- 1 inaky inaky 0 Jan 9 13:51 stat
-r--r--r-- 1 inaky inaky 0 Jan 9 13:51 statm
-r--r--r-- 1 inaky inaky 0 Jan 9 13:51 status
inaky@jovian:~/.correo %

No problem ... as long as root isn't evil :)

Cheers

Linux-USB! http://peloncho.fis.ucm.es/~inaky/USB.html -
-
Inaky Perez Gonzalez -- PGP pubkey fingerprint -
inaky@peloncho.fis.ucm.es -- 8E 34 3A 62 64 99 E2 44 -
http://peloncho.fis.ucm.es/~inaky -- AD 7B 30 D9 DD FF 3E 4C -
--------------------------------- -- ----------------------- -
The loneliness of the long distance runner .....