Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 11 Feb 2012 17:31:46 +0400
From: Solar Designer <solar@...nwall.com>
To: kernel-hardening@...ts.openwall.com
Subject: Re: procfs: infoleaks and DAC permissions

On Sat, Feb 11, 2012 at 02:21:06PM +0400, Vasiliy Kulikov wrote:
> On Sat, Feb 11, 2012 at 13:20 +0400, Solar Designer wrote:
> > I did not look into this closely, but my current understanding is that
> > apparently glibc reads the process' own proc files only, and restricting
> > their perms to 0400 breaks this if the process changes euid/fsuid during
> > its runtime.  Right?
> 
> Yes, AFAICS, it looks whether a specific memory area is RW.  But looking
> at "grep -r /proc/self/ glibc-sources/" output I can say /proc/self/maps
> is not the only file usage which might be broken by open() restricting.

Yes, and not all pathnames are constant - there's also
"/proc/self/task/%u/comm".

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.