Re: procfs permissions on 2.6.x

[Andrew Morton]

viro@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx wrote:
>
> On Sun, Jul 04, 2004 at 02:55:42PM -0700, Andrew Morton wrote:
> > 
> > Some do.  On my test box 1000-odd /proc inodes get allocated and fully
> > freed on each `ls -R /proc'.  65 /proc inodes are freed during `ls -lR
> > /proc/net'.  So maybe it isn't working completely.
> > 
> > But proc_notify_change() copies the inode's uid, gid and mode into the
> > proc_dir_entry, so they get correctly initialised when the inode is
> > reinstantiated, so afaict we have no bug here.
> 
> Why on the earth do we ever want to allow chown/chmod on procfs in the first
> place?

We always have done, even current 2.4 permits it.  But the changes go away
when the /proc file is closed.

> Al, who'd missed that stuff back in 2.5.42, but would love to hear explanation
> anyway.

That change made the chown/chgrp/chmod changes persist after the file is
closed, which seems sensible.

The alternative would be to disallow these changes altogether.  That might
break something, but it seems doubtful.

As for why anyone would _want_ to change these things: no idea.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/