Re: /proc/<pid>/mem unreadable (was strace and linux 1.3.97)

Aaron Ucko (UCKO@vax1.rockhurst.edu)
Tue, 30 Apr 1996 21:11:37 -0600 (CST)


>The same happened to me. The problem is that strace accesses the tracee's
>memory through /proc/<pid>/mem but as of 1.3.96 any read from processes
>different from the one which owns the memory fails with EACCES.
>Here is the relevant piece of code from linux/fs/proc/mem.c in function
>mem_read:
>
>
>	if (count < 0)
>		return -EINVAL;
>	pid = inode->i_ino;
>	pid >>= 16;
>!	if (pid != current->pid)
>!		return -EACCES;
>	tsk = current;
>	addr = file->f_pos;
>	count = check_range(tsk, addr, count);
>	if (count < 0)
>		return count;
>	tmp = buf;
>
>Can anyone out there tell me if there is any reason for this new behavior?

This looks like an overly-conservative patch for the /proc/<pid>/mem
security hole involving setuid programs. The kernel should really return
EACCES only if the process we are trying to read is setuid.

(Got to start reading those patches more carefully... :-))

-- Aaron Ucko (ucko@vax1.rockhurst.edu; finger for PGP public key) | httyp!
"That's right," he said. "We're philosophers. We think, therefore we am."
-- Terry Pratchett, _Small Gods_ | Geek Code 3.1 [for explanation, finger
hayden@mankato.msus.edu]: GCS/M/S/C d- s: a18 C++(+++)>++++ UL++>++++ P++
L++>+++++ E- W(-) N++(+) o+ K- w--- O M@ V-(--) PS++(+++) PE- Y(+) PGP(+) t(+)
!5 X-- R(-) tv-@ b++(+++) DI+ !D-- G++(+++) e->+++++(*) h!>+ r-(--)>+++ y?
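The access path the thread is arguing about, as an added example that is not part of the original mail or of the kernel: a small C program that reads a process's memory through /proc/<pid>/mem using the file offset as the virtual address (the `addr = file->f_pos` in the quoted mem_read), which is what strace relied on, and reports -errno so a kernel that refuses the access shows up as -EACCES rather than a silent short read. It assumes a Linux host with /proc mounted; the helper name proc_mem_read and the marker string are my own.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Read `len` bytes of process `pid` starting at virtual address `addr`
 * via /proc/<pid>/mem: the file offset is the address, as in mem_read.
 * Returns bytes read, or -errno (e.g. -EACCES when the kernel's access
 * check, such as the quoted pid != current->pid test, rejects us). */
ssize_t proc_mem_read(pid_t pid, uintptr_t addr, void *out, size_t len)
{
    char path[64];
    snprintf(path, sizeof path, "/proc/%d/mem", (int)pid);
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -errno;
    ssize_t n = pread(fd, out, len, (off_t)addr);
    int err = errno;            /* capture before close() can clobber it */
    close(fd);
    return n < 0 ? -err : n;
}

/* Reading our own memory is the one case every version of the check
 * permits (pid == current->pid); the bytes must match what we stored. */
int self_read_matches(void)
{
    static const char marker[] = "proc-mem-marker"; /* constructed sample */
    char buf[sizeof marker];
    ssize_t n = proc_mem_read(getpid(), (uintptr_t)marker, buf, sizeof marker);
    return n == (ssize_t)sizeof marker && memcmp(buf, marker, sizeof marker) == 0;
}

int main(void)
{
    printf("self read: %s\n", self_read_matches() ? "ok" : "FAILED");
    /* pid 1 belongs to another user on any normal system; a kernel that
     * enforces an access check answers with EACCES here. */
    char byte;
    ssize_t r = proc_mem_read(1, 0, &byte, 1);
    if (r < 0)
        printf("read of /proc/1/mem: %s\n", strerror((int)-r));
    return 0;
}
```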