Home page logo

bugtraq logo Bugtraq mailing list archives

Re: /proc filesystem allows bypassing directory permissions on Linux
From: Joel Maslak <jmaslak () antelope net>
Date: Mon, 26 Oct 2009 12:14:03 -0600

On Oct 23, 2009, at 3:56 PM, Pavel Machek <pavel () ucw cz> wrote:

Demonstrate how to get access to the file with /proc unmounted and you
have a point. Demonstrate how to get access on anything else then
Linux and you have a point. Otherwise there's a security hole.

If the directory is mounted via NFS or is exported there are several ways...so software written to assume directory permissions are sufficent to protect users from other unpriveliged users is broken in general. Even if it is usually secure enough on non-Linux. It is not always.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]