Bugtraq mailing list archives

Re: /proc filesystem allows bypassing directory permissions on Linux

From: Dan Yefimov <dan () lightwave net ru>
Date: Mon, 26 Oct 2009 15:37:50 +0300

On 26.10.2009 13:54, psz () maths usyd edu au wrote:

Dear Dan,

... in authentic kernels /proc/<PID>/fd/<FD>  are symlinks ...


They appear to /bin/ls as symlinks, but observation suggests that they
"act" as hardlinks. Could that be fixed somehow? (I did look at the
kernel fs/proc/base.c but did not make much sense to me...)

Just looked more carefully at fs/proc/base.c. That behavior is due toproc_fd_info() called from proc_fd_link() obtains file->f_path, that in turncontains the reference to the open file dentry and hence inode. That's exactlywhy those symlinks behave as hardlinks. This behavior assumes, that if you wereable to open the file, you've all necessary transition permissions to accessit's inode. But in order to follow them you need privileges to read the processmemory, which hardly restricts the impact of this behavior. I don't think thisshould be fixed, since /proc/<PID>/fd/ is mainly for debugging purposes.

--

Sincerely Your, Dan.

Current thread:

Re: /proc filesystem allows bypassing directory permissions on Linux, (continued)
- - - Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 30)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Jim Paris (Oct 30)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Marco Verschuur (Oct 30)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Joel Maslak (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
  - Re: /proc filesystem allows bypassing directory permissions on Linux Derek Martin (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Ansgar Wiechers (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Derek Martin (Oct 28)
    - Re: /proc filesystem allows bypassing directory permissions on Linux CaT (Oct 29)

(Thread continues...)