I just noticed something today that I found odd and I know there must be a
good reason for it, but I can't think of what it might be..
Basically if I am listing the contents of a /proc/PID directory, it seems
that the cwd, exe, and root (symlink) entries are invalid unless the
process corresponding to PID is a process owned by me, or I am root. Why
is this?
Is this feature security related?
If so I can't really think of any security issues that would arise from
having that information as a non-priviledged user.
It would seem reasonable to me that users seeing each other's
/prod/PID/root and /proc/PID/exe symlinks isn't really much of a security
vulnerability.. Plus it would make possible a non-root user to grab
statistics on the most popular running binaries, the number of chrooted
processes.. etc.. probably trivial statistics but it still would be nice
to see if any other instance of an application is running (unless there
already is another mechanism for this that I am unaware of).
Anyway any answers appreciated...
-Calin
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Nov 07 2002 - 22:00:45 EST