Re: procfs permissions on 2.6.x

From: Christoph Hellwig
Date: Sat Jul 03 2004 - 15:28:53 EST

Next message: Andrew Morton: "Re: procfs permissions on 2.6.x"
Previous message: Andrew Morton: "Re: [PATCH] ipc 1/3: Add refcount to ipc_rcu_alloc"
In reply to: Herbert Poetzl: "procfs permissions on 2.6.x"
Next in thread: Andrew Morton: "Re: procfs permissions on 2.6.x"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Jul 03, 2004 at 10:22:42PM +0200, Herbert Poetzl wrote:
>
> Hi Andrew!
>
> stumbled over the following detail ...
>
> usually when somebody tries to modify an inode,
> notify_change() calls inode_change_ok() to verify
> the user's permissions ... now it seems that
> somewhere around 2.5.41, a patch similar to this
> one was included into the mainline, and remained
> almost unmodified ...
>
> http://www.uwsg.iu.edu/hypermail/linux/kernel/0210.1/1002.html
>
> this probably unintentionally circumvents the
> inode_change_ok() check, so that now any user
> can modify inodes of the procfs.
>
> example:
>
> $ chmod a-rwx /proc/cmdline
>
> the following patch hopefully fixes this, so
> please consider for inclusion ...

Actually the patch you reference above looks extremly bogus and should just
be reverted instead.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: procfs permissions on 2.6.x"
Previous message: Andrew Morton: "Re: [PATCH] ipc 1/3: Add refcount to ipc_rcu_alloc"
In reply to: Herbert Poetzl: "procfs permissions on 2.6.x"
Next in thread: Andrew Morton: "Re: procfs permissions on 2.6.x"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]