Re: [PATCH] new syscall: flink

Vitaly (manushkinvv@desnol.ru)
Mon, 7 Apr 2003 10:21:56 +0400


On 7 Apr 2003 06:43:40 GMT
daw@mozart.cs.berkeley.edu (David Wagner) wrote:

> H. Peter Anvin wrote:
> >Here is a better piece of sample code that actually shows a
> >permissions violation happening:
> >
> >[...]
> >mkdir("testdir", 0700) = 0
> >open("testdir/testfile", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 3
> >write(3, "Ansiktsburk\n", 12) = 12
> >close(3) = 0
> >open("testdir/testfile", O_RDONLY) = 3
> >chmod("testdir", 0) = 0
> >open("/proc/self/fd/3", O_RDWR) = 4
> >write(4, "Tjo fidelittan hatt!\n", 21) = 21
>
> You're right! Good point. I retract the comments in my previous email.
> (I did try an experiment like this, but apparently not the right one.)
>
> My conclusion: /proc/*/fd is a security hole. It should be fixed.
> Do you agree?
open("/proc/self/fd/3", O_RDWR) -- i thought, it just makes a copy for fd/3, and fd/3 should have the same permissions as it was opened.

> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/