Re: [PATCH] Add a /proc/self/exedir link

From: Neil Brown
Date: Fri Apr 07 2006 - 04:00:57 EST

Next message: Yi Yang: "Re: [2.6.16 PATCH] Filessytem Events Reporter V2"
Previous message: Luke Yang: "Re: Fw: [PATCH] use "#ifdef __KERNEL" to avoid compile error in input.h"
In reply to: Tony Luck: "Re: [PATCH] Add a /proc/self/exedir link"
Next in thread: Andreas Schwab: "Re: [PATCH] Add a /proc/self/exedir link"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thursday April 6, tony.luck@xxxxxxxxx wrote:
> > > I have concerns about security policy ...
> >
> > I'm not sure I understand. Only if you run that program, and if you
> > don't have access to the intermediate directory, how do you run it?
>
> It leaks information about the parts of the pathname below the
> directory that you otherwise would not be able to see. E.g. if
> I have $HOME/top-secret-projects/secret-code-name1/binary
> where the top-secret-projects directory isn't readable by you,
> then you may find out secret-code-name1 by reading the
> /proc/{pid}/exedir symlink.

But we already have /proc/{pid}/exe which is a symlink to the
executable, thus exposing all the directory names already.

NeilBrown
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Yi Yang: "Re: [2.6.16 PATCH] Filessytem Events Reporter V2"
Previous message: Luke Yang: "Re: Fw: [PATCH] use "#ifdef __KERNEL" to avoid compile error in input.h"
In reply to: Tony Luck: "Re: [PATCH] Add a /proc/self/exedir link"
Next in thread: Andreas Schwab: "Re: [PATCH] Add a /proc/self/exedir link"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]