Home page logo

bugtraq logo Bugtraq mailing list archives

Re: /proc filesystem allows bypassing directory permissions on Linux
From: Pavel Machek <pavel () ucw cz>
Date: Mon, 26 Oct 2009 11:47:18 +0100

On Mon 2009-10-26 13:42:17, Dan Yefimov wrote:
On 25.10.2009 2:40, psz () maths usyd edu au wrote:
Dear Pavel,

... that's exactly the problem.

I see, the /proc/*/fd/* objects seem "confused": are they symlinks,
hardlinks, or open file descriptors? I guess should always act as
the latter, where access mode flags (O_RDONLY or O_RDWR) are set at
open() and not changeable afterwards in fcntl(). Any open() on them
should behave as a dup().

Paul, in authentic kernels /proc/<PID>/fd/<FD> are symlinks, not
anything other. There're no such publicly accessible file objects,
as file descriptors, there're only files (including special ones),
directories and symlinks. But the above words don't necessary relate
to patched kernels like distributed by third parties.

Check your facts. Those symlinks are special.
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]