Bugtraq: Re: /proc filesystem allows bypassing directory permissions on

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: /proc filesystem allows bypassing directory permissions on

From: Pavel Kankovsky <peak () argo troja mff cuni cz>
Date: Wed, 4 Nov 2009 21:29:23 +0100 (CET)

On Tue, 3 Nov 2009, Martin Rex wrote:

I couldn't find anything in the the POSIX 1003.1-2004 Online Edition
that _requires_ this to fail:


It is required to do nothing:

F_SETFL
    Set the file status flags, defined in <fcntl.h>, for the file 
description associated with fildes from the corresponding bits in the 
third argument, arg, taken as type int. Bits corresponding to the file 
access mode and the file creation flags, as defined in <fcntl.h>, that are 
set in arg shall be ignored. If any bits in arg other than those mentioned 
here are changed by the application, the result is unspecified.

(And curmode &= ~O_RDONLY is not correct, see the rationale for 
open().)

-- 
Pavel Kankovsky aka Peak                          / Jeremiah 9:21        \
"For death is come up into our MS Windows(tm)..." \ 21st century edition /

By Date By Thread

Current thread:

Re: /proc filesystem allows bypassing directory permissions on, (continued)