Re: 2.2 imminent.. /proc security fix?

Chris Wedgwood (chris@cybernet.co.nz)
Wed, 14 Oct 1998 09:36:02 +1300

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alan Cox: "Re: Fw: sendpkt: Connection refusedy"
Previous message: Adrian Bolzan: "Re: Different kernels coexisting on the same system..how does"

On Mon, Oct 12, 1998 at 11:43:42AM +0100, Chris Evans wrote:

> Since 2.2 seems imminent, I thought I'd put on my "security hat".
> There's a /proc security fix in 2.0.3x which I'd like to see in
> 2.2.
>
> The fix stops someone holding open "/proc/<pid>/*" files, letting
> the process exit, then waiting for "pid" to be re-used, gaining
> read access to semi-sensitive info.

My preferred fix to this, not possible in 2.2.x time is to make uid_t
32-bit (although this only buys us time... no doubt DaveM or someone
will have a sparc-something that can wrap that is a couple of years).

-cw

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: Fw: sendpkt: Connection refusedy"
Previous message: Adrian Bolzan: "Re: Different kernels coexisting on the same system..how does"