Re: Why are exe, cwd, and root priviledged bits of information?

Daniel Jacobowitz (dan@debian.org)
Thu, 7 Nov 2002 11:05:21 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mikael Pettersson: "Re: [PATCH][2.5-AC] Forced enable/disable local APIC"
Previous message: Clayton Weaver: "Re: [2.4.19] read(2) and page aligned buffers (forget it, missing"

On Thu, Nov 07, 2002 at 10:57:06AM -0500, Calin A. Culianu wrote:
>
> In the /prod/PID subset of procfs, why are the exe, cwd, and root symlinks
> considered priviledged information?
>
> Exe is the big one for me, as this one can be usually infered from reading
> /prod/PID/maps. Root I guess can't be inferred in any unpriviledged way,
> and neither can cwd. At any rate.. I am not sure behind the philosophy to
> make these symlinks' destinations priviledged... can someone clarify
> this?

This came up a little while ago. The answer is that maps should be
priviledged also.

For instance:
You can protect a directory by giving its parent directory no read
permissions. The name of the directory is now secret. You don't want
to reveal it in cwd.

-- 
Daniel Jacobowitz
MontaVista Software                         Debian GNU/Linux Developer
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Mikael Pettersson: "Re: [PATCH][2.5-AC] Forced enable/disable local APIC"
Previous message: Clayton Weaver: "Re: [2.4.19] read(2) and page aligned buffers (forget it, missing"