Re: /proc filesystem allows bypassing directory permissions on Linux
- From: Dan Yefimov <dan@xxxxxxxxxxxxxxxx>
- Date: Mon, 26 Oct 2009 13:42:17 +0300
On 25.10.2009 2:40, psz@xxxxxxxxxxxxxxxxx wrote:
Dear Pavel,Paul, in authentic kernels /proc/<PID>/fd/<FD> are symlinks, not anything other. There're no such publicly accessible file objects, as file descriptors, there're only files (including special ones), directories and symlinks. But the above words don't necessary relate to patched kernels like distributed by third parties.
... that's exactly the problem.
I see, the /proc/*/fd/* objects seem "confused": are they symlinks,
hardlinks, or open file descriptors? I guess should always act as
the latter, where access mode flags (O_RDONLY or O_RDWR) are set at
open() and not changeable afterwards in fcntl(). Any open() on them
should behave as a dup().
Sincerely Your, Dan.
- Prev by Date: [ GLSA 200910-03 ] Adobe Reader: Multiple vulnerabilities
- Next by Date: [DSECRG-09-010] Oracle 10g CTXSYS.DRVXTABC - plsql injection
- Previous by thread: Re: /proc filesystem allows bypassing directory permissions on Linux
- Next by thread: Re: /proc filesystem allows bypassing directory permissions on Linux