Re: /proc filesystem allows bypassing directory permissions on Linux
From: Dan Yefimov <dan () lightwave net ru>
Date: Sat, 24 Oct 2009 01:24:49 +0400
On 24.10.2009 1:08, Pavel Machek wrote:
It didn't in fact change anything. If the guest created a hardlink to that file in
an unrestricted location, what would you say? Procfs is in that respect just
another sort of hardlink, whether you like that or not. If you didn't in fact
restrict access to the file, you're on your own.

That can hardly be called a real security hole, since the behaviour
described above is expected, and is as it was conceived by design.
If the file owner in fact allows writing to it, why should Linux
prevent that from happening?
No, I do not think this is expected. You could not write to that file
under traditional unix, and you cannot write into that file when
/proc is unmounted.
I do not think mounting /proc should change access control semantics.

Directory permissions control access just to the directory itself, not to the
files in it, so your pretensions are in fact illegitimate. Anyway, you're free
to consider that a security hole, but remember that nobody is obliged to agree
with you in that or help you solve problems invented by yourself.

Plus, you may run a traditional unix/POSIX application, expecting
directory access controls to prevent the write. (Or can you see a way
to write to that file when /proc is unmounted?)
Sincerely yours, Dan.
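
The disagreement above turns on files whose own mode allows writing while only a parent directory keeps other users out. As an added example (not part of the original thread), the following audit lists such files so their modes can be tightened; the names `audit` and `build_demo_tree` are hypothetical, the sample tree is constructed, and the check assumes plain mode bits only (no ACLs, ownership or group membership).

```python
import os
import stat
import tempfile

def audit(root):
    """List regular files under root that are other-writable by their own mode
    while root or a directory below it on their path denies 'other' search (x).
    Directories above root are not examined."""
    root = os.path.abspath(root)
    blocked = {}   # directory -> True if it or an ancestor (from root down) lacks o+x
    findings = []
    for dirpath, _dirs, filenames in os.walk(root):
        mode = os.lstat(dirpath).st_mode
        inherited = blocked.get(os.path.dirname(dirpath), False)
        blocked[dirpath] = inherited or not (mode & stat.S_IXOTH)
        if not blocked[dirpath]:
            continue   # path is openly reachable; nothing relies on a directory here
        for name in filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_IWOTH:
                findings.append(path)
    return sorted(findings)

def build_demo_tree():
    """Constructed sample tree: private/ is 0700, public/ is 0755."""
    root = tempfile.mkdtemp()
    os.chmod(root, 0o755)   # mkdtemp creates 0700; open it so only private/ blocks
    layout = {"private": (0o700, {"open.txt": 0o666, "closed.txt": 0o600}),
              "public": (0o755, {"open.txt": 0o666})}
    for dirname, (dmode, files) in layout.items():
        d = os.path.join(root, dirname)
        os.mkdir(d)
        for fname, fmode in files.items():
            p = os.path.join(d, fname)
            open(p, "w").close()
            os.chmod(p, fmode)   # set explicitly so the umask does not interfere
        os.chmod(d, dmode)
    return root

if __name__ == "__main__":
    for path in audit(build_demo_tree()):
        print("protected only by directory mode:", path)
```

Only `private/open.txt` is reported: `private/closed.txt` is restricted by its own mode, and `public/open.txt` is reachable by design.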