Re: /proc filesystem allows bypassing directory permissions on Linux

From: Pavel Machek <pavel@xxxxxx>
Date: Thu, 29 Oct 2009 12:00:27 +0100

Hi!

Not that I would have expected anything different considering who posted
it in the first place.

Thus Debian kernel team should be blamed for that misbehaviour. Don't worry,
hardlinks behave just the same way, as you describe. Use authentic Linux
kernels, if you dislike that.

Just tested it on my colo where the provider is using some homebrew
derived from the upstream Linux kernel. In any case Pavel was most
likely using Suse and I asked someone to give it a go on one of all
Ubuntu varieties. So even if it is not present upstream it is in a patch
which more than one distro has adopted (f.e. ptrace fixes).

Pavel was using pretty much vanilla kernel. (That is, patches in
drivers but nothing more significant.
Pavel
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

References:
- /proc filesystem allows bypassing directory permissions on Linux
  - From: Pavel Machek
- Re: /proc filesystem allows bypassing directory permissions on Linux
  - From: Dan Yefimov
- Re: /proc filesystem allows bypassing directory permissions on Linux
  - From: Anton Ivanov
- Re: /proc filesystem allows bypassing directory permissions on Linux
  - From: Dan Yefimov
- Re: /proc filesystem allows bypassing directory permissions on Linux
  - From: Anton Ivanov
- Re: /proc filesystem allows bypassing directory permissions on Linux
  - From: Dan Yefimov
- Re: /proc filesystem allows bypassing directory permissions on Linux
  - From: Anton Ivanov
- Re: /proc filesystem allows bypassing directory permissions on Linux
  - From: Dan Yefimov
- Re: /proc filesystem allows bypassing directory permissions on Linux
  - From: Anton Ivanov

Prev by Date: ZDI-09-074: Multiple Vendor Hummingbird STR Service Stack Overflow Vulnerability
Next by Date: Re: /proc filesystem allows bypassing directory permissions on Linux
Previous by thread: Re: /proc filesystem allows bypassing directory permissions on Linux
Next by thread: Re: /proc filesystem allows bypassing directory permissions on Linux
Index(es):
- Date
- Thread

Relevant Pages

Re: Which is simpler? (Was Re: [Suspend2-devel] Re: [ 00/10] [Suspend2] Modules support.)
... needed to Just Work yesterday, and every day it doesn't work we are ... Responses like this are precisely why you're not the most popular kernel ... That's not what a maintainer ... Pavel, at least I haven't had any problems in communicating with him. ...
(Linux-Kernel)
Re: Which is simpler? (Was Re: [Suspend2-devel] Re: [ 00/10] [Suspend2] Modules support.)
... Responses like this are precisely why you're not the most popular kernel ... problems themselves and send you a patch. ... That's not what a maintainer ... Pavel, at least I haven't had any problems in communicating with him. ...
(Linux-Kernel)
Re: [linux-pm] [RFC] userland swsusp
... Pavel is doing this properly, ... visible to the kernel is pretty telling. ... > It's not duplicated, Nigel knows what need to be done to work together, ... send the line "unsubscribe linux-kernel" in ...
(Linux-Kernel)
Re: [ 00/10] [Suspend2] Modules support.
... from suspend2 in some evolutionary incremental manner under which the ... kernel continually improves. ... So, given that I'm perfectly willing to send Pavel patches, but he's not ... I guess I the best thing I can do is to just let Pavel ...
(Linux-Kernel)
Re: Which is simpler? (Was Re: [Suspend2-devel] Re: [ 00/10] [Suspend2] Modules support.)
... We are just going to implement features in the user space that need ... not be implemented in the kernel. ... I wish Pavel wrote replies like that. ... I'm doing poor job translating into English at higher level...] ...
(Linux-Kernel)