Home page logo

bugtraq logo Bugtraq mailing list archives

Re: /proc filesystem allows bypassing directory permissions on Linux
From: Klaus Lichtenwalder <k.lichtenwalder () computer org>
Date: Sun, 25 Oct 2009 10:46:56 +0100

Am Samstag, den 24.10.2009, 01:12 +0400 schrieb Dan Yefimov:
On 24.10.2009 0:35, Matthew Bergin wrote:
doesnt look like the original owner is trying to write to it. Shows it
cant, it had guest write to it via the proc folders bad permissions.
Looks legitimate

Please tell me, who issued 'chmod 0666 unwritable_file'? Was that an attacker? 
No, that was the owner of 'unwritable_file', nobody else. What the 0666 file 
mode means? It means, that everybody can write to the file, can't he? So why do 
you believe that pretension legitimate?

Well, at first I would say this might definitely somewhat unexpected.
It's correct otoh, that you shouldn't be too lax with files when you
think you "secured" them somewhere in the path... 
But if you think of /proc/x/fd as *hard* links to the files, then the
behavior would not be surprising, which might help...

(You might have this as a "real world scenario" if you have some brain
dead application which you try to secure in this way...)


 Klaus Lichtenwalder, Dipl. Inform.,  http://lklaus.homelinux.org/Klaus/
 PGP Key fingerprint: A5C0 F73A 2C83 96EE 766B  9C62 DB6D 1258 0E9B B6D1

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]