suid/sgid programs can't read their own memory

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Alan Cox: "Re: network card detection in 2.3.18ac7"
• Previous message: Peter Desnoyers: "Re: Turning lucent winmodem into soundcard (RT-Linux -when?)"
• Next in thread: Jamie Lokier: "Re: Turning lucent winmodem into soundcard (RT-Linux -when?)"
• Reply: Jamie Lokier: "Re: Turning lucent winmodem into soundcard (RT-Linux -when?)"

because of the p->dumpable check in `proc_pid_fill_inode'
(fs/proc/base.c), binaries that are set[ug]id are not permitted to
open "/proc/self/mem" (since this is owned by 0.0 in this case). Is
this a bug, or am I just missing the rationale for this?

Simple testcase:

#include <stdio.h>
#include <unistd.h>
#include <sys/stat.h>

int main()
{
char *name = "/proc/self/mem";
FILE *f;
struct stat st;

stat(name, &st);
printf("%s uid %d gid %d\n", name, st.st_uid, st.st_gid);
f = fopen(name, "r");
if (f)
fclose(f);
else
perror("open");
return 0;
}

-- 
Robert Bihlmeyer       reads: Deutsch, English, MIME, Latin-1, NO SPAM!
<robbe@orcus.priv.at>    <http://stud2.tuwien.ac.at/~e9426626/sig.html>

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Alan Cox: "Re: network card detection in 2.3.18ac7"
• Previous message: Peter Desnoyers: "Re: Turning lucent winmodem into soundcard (RT-Linux -when?)"
• Next in thread: Jamie Lokier: "Re: Turning lucent winmodem into soundcard (RT-Linux -when?)"
• Reply: Jamie Lokier: "Re: Turning lucent winmodem into soundcard (RT-Linux -when?)"