Re: [patch] 2.3.18ac10 /proc fixes [Re: [patch] wchan in 2.3.18ac6]

Alan Cox (alan@lxorguk.ukuu.org.uk)
Mon, 4 Oct 1999 13:40:50 +0100 (BST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Richard B. Johnson: "Re: 2.2.12 tcp flaw"
Previous message: Alan Cox: "Re: 2.2.13-pre6+ ide cdrom issue"

> It seems to me that kmalloc is preventing nothing else than potentially
> allowing an user to sniff data from a random kernel page looking the
> /proc/ data. This is really a minor problem as the door it too small to be
> exploited (at least it was definitely too small with the 2.2.x timings). I
> can't see no real need to go slow in /proc/.

You can exploit it on an SMP box so the locking is needed. Since the page
exposed could be stuff like crypto keys its an issue.

Alan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Richard B. Johnson: "Re: 2.2.12 tcp flaw"
Previous message: Alan Cox: "Re: 2.2.13-pre6+ ide cdrom issue"