Re: [PATCH 1/2] proc: restrict access to /proc/PID/io

[Balbir Singh]

On Tue, Jun 28, 2011 at 6:43 AM, Balbir Singh <balbir@xxxxxxxxxxxxxxxxxx> wrote:
> On Fri, Jun 24, 2011 at 5:38 PM, Vasiliy Kulikov <segoon@xxxxxxxxxxxx> wrote:
>> /proc/PID/io may be used for gathering private information.  E.g. for
>> openssh and vsftpd daemons wchars/rchars may be used to learn the
>> precise password length.  Restrict it to processes being able to ptrace
>> the target process.
>>
>
> Hmm.. How do I reproduce this, won't they be enough randomness around
> rchar/wchar by the time the attacker reads it?
>
>> ptrace_may_access() is needed to prevent keeping open file descriptor of
>> "io" file, executing setuid binary and gathering io information of the
>> setuid'ed process.

Please NOTE my email address has changed to bsingharora@xxxxxxxxx, the
last email has an invalid from header.
I apologize for the inconvenience

Balbir Singh
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/