> > Argh, it works in 2.0.x too? That, I didn't know :)
>
> Yep. I assumed you meant 2.0 originally so fixed it there 8)
Actually on second thoughts I think we might be talking about two
different things.
1) [2.0.x and 2.1.x problem, ust fixed]. A user holds open a fd to eg.
/proc/<pid>/environ. Where <pid> is a process he owns. He allows this
process to exit and the pid slot to get reused. Voila he can view info on
someone else's process he shouldn't
2) [2.1.x only I think, my original complaint]. A user holds open a fd to
a /proc/<pid> _direcotory_. In a second process he chmod()s the
/proc/<pid> directory and the change persists. Now, he has hidden his own
process! This is an unexpected thing for him to be able to do. An admin
might expect not to need root to get full details of all the stuff running
on his machine using "ps auwx"...
Is that clearer?
Cheers
Chris
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html