Re: [PATCH] new syscall: flink

David Wagner (daw@mozart.cs.berkeley.edu)
7 Apr 2003 06:43:40 GMT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Vitaly: "Re: [PATCH] new syscall: flink"
Previous message: Paul Mackerras: "Re: [PATCH] Qemu support for PPC"
Maybe in reply to: Ulrich Drepper: "[PATCH] new syscall: flink"
Next in thread: Miquel van Smoorenburg: "Re: [PATCH] new syscall: flink"

H. Peter Anvin wrote:
>Here is a better piece of sample code that actually shows a
>permissions violation happening:
>
>[...]
>mkdir("testdir", 0700) = 0
>open("testdir/testfile", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 3
>write(3, "Ansiktsburk\n", 12) = 12
>close(3) = 0
>open("testdir/testfile", O_RDONLY) = 3
>chmod("testdir", 0) = 0
>open("/proc/self/fd/3", O_RDWR) = 4
>write(4, "Tjo fidelittan hatt!\n", 21) = 21

You're right! Good point. I retract the comments in my previous email.
(I did try an experiment like this, but apparently not the right one.)

My conclusion: /proc/*/fd is a security hole. It should be fixed.
Do you agree?
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Vitaly: "Re: [PATCH] new syscall: flink"
Previous message: Paul Mackerras: "Re: [PATCH] Qemu support for PPC"
Maybe in reply to: Ulrich Drepper: "[PATCH] new syscall: flink"
Next in thread: Miquel van Smoorenburg: "Re: [PATCH] new syscall: flink"