Bugtraq: Re: Request for discussion.

[casper () fwi uva nl (Casper Dik)]

> > > Not if "Real OS(tm)" == Linux. (which of course has the best procfs money can't
> > > buy).
> > Which is why Linux procfs has tons of security holes.
> >
> > Casper
> Such as?

Hm, they seem to be fix now.  In early rleases the permissions
of the fd and cd and exec files weren't right.

Now it uses some ugly hack that looks like the modes on the symlink
are 700 (lrwx------)  which only seems to work on the funny symlinks
under /proc.

Hm, it just occured to me that, as root, hijackling connections under Linux
is real simple, you just open the right /proc/pid/fd/<num>

Casper