Re: Why are exe, cwd, and root priviledged bits of information?

David Wagner (daw@mozart.cs.berkeley.edu)
7 Nov 2002 22:44:09 GMT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Erich Focht: "Re: NUMA scheduler BK tree"
Previous message: Frank v Waveren: "Re: /prod/PID-related proc fs question"
Maybe in reply to: Calin A. Culianu: "Why are exe, cwd, and root priviledged bits of information?"

jw schultz wrote:
>On Thu, Nov 07, 2002 at 11:05:21AM -0500, Daniel Jacobowitz wrote:
>> For instance:
>> You can protect a directory by giving its parent directory no read
>> permissions. The name of the directory is now secret. You don't want
>> to reveal it in cwd.
>
>Daniel is correct in that the issue came up recently. He
>gives _his_ answer above. If you believe in security
>through obscurity you will agree with him.

Huh? This has nothing to do with security through obscurity.
This has to do with the Unix permissions model. /proc/pid probably
shouldn't leak information that would otherwise be kept confidential in the
standard Unix permissions model (principle of least surprise, etc.).

>I will agree that there should be no real reason to need
>access to this information.

They why is it allowed? Allowing something that noone needs and
that breaks most people's intuitions of how security will work seems
like a pretty questionable idea.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Erich Focht: "Re: NUMA scheduler BK tree"
Previous message: Frank v Waveren: "Re: /prod/PID-related proc fs question"
Maybe in reply to: Calin A. Culianu: "Why are exe, cwd, and root priviledged bits of information?"