Re: /proc/<pid>/mem unreadable (was strace and linux 1.3.97)

Matthias Urlichs (smurf@smurf.noris.de)
Fri, 3 May 1996 10:11:41 +0100


In linux.dev.kernel, article <199605021038.FAA16498@caffeine.io.com>,
"James H. Cloos Jr." <cloos@jhcloos.com> writes:
>
> Seems to me that the answer, then, is to have /proc/<pid>/mem mod 600
> and owned by the euid of the process, rather than owned by the uid
> that ran it. Linus?
>
No, that won't work, for when the setuid program does a
seteuid(getuid())
exec(user_program)

it's still vulnerable between these two calls.

The _only_ workable solution for this is to invalidate the /proc/###/mem
inode when the process in question calls exec().

-- 
Mathematicians do it symmetrically.
-- 
Matthias Urlichs \ Noris Network GmbH i.Gr/ Xlink-POP Nürnberg
Schleiermacherstraße 12 \ Linux+Internet / EMail: urlichs@noris.de
90491 Nürnberg (Germany) \ Consulting+Programming+Networking+etc'ing
PGP: 1B 89 E2 1C 43 EA 80 44 15 D2 29 CF C6 C7 E0 DE
Click <A HREF="http://info.noris.de/~smurf/finger">here</A>. 42