[patch] fix for /proc/<pid> fchmod bug

Philip Blundell (nop@blue.netnation.com)
Sat, 7 Nov 1998 01:52:37 -0800 (PST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Philip Blundell: "Re: [patch] fix for /proc/<pid> fchmod bug"
Previous message: Philip Blundell: "Re: [PATCH] getsockname() always fails with EFAULT in 2.1.127pre7"

Currently, a user can open a /proc/pid directory they own and fchmod it.
The permissions stick until they close it.. allowing people to hide
processes from non-root users (I think this was originally pointed out by
Chris Evans on the linux-security-audit list). This patch (against
2.1.126) makes /proc/pid directories immutable.

--- linux/fs/proc/root.c.old Sat Nov 7 01:18:16 1998
+++ linux/fs/proc/root.c Sat Nov 7 01:09:20 1998
@@ -830,6 +830,9 @@
}

dentry->d_op = &proc_dentry_operations;
+ if (inode)
+ inode->i_flags|=S_IMMUTABLE;
d_add(dentry, inode);
return 0;
}

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Philip Blundell: "Re: [patch] fix for /proc/<pid> fchmod bug"
Previous message: Philip Blundell: "Re: [PATCH] getsockname() always fails with EFAULT in 2.1.127pre7"