Bugtraq mailing list archives

Re: /proc filesystem allows bypassing directory permissions on Linux

From: Dan Yefimov <dan () lightwave net ru>
Date: Mon, 26 Oct 2009 19:16:34 +0300

On 26.10.2009 18:30, Casper.Dik () sun com wrote:

In Solaris, you don't have permission to access a file in /proc/<pid>/fd unless
you can control the process<pid>.

$ ls -l /proc/1/fd
/proc/1/fd: Permission denied

If you can control<pid>, then clearly you have access the file anyway
simply by controlling it using a debugger.

In Linux the same access rules apply.
--

Sincerely Your, Dan.

Current thread:

Re: /proc filesystem allows bypassing directory permissions on Linux, (continued)
- - Message not available
    - Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 23)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Arturo 'Buanzo' Busleiman (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Tamber Penketh (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 27)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Glynn Clements (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Casper . Dik (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Marco Verschuur (Oct 27)
    - Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 27)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Marco Verschuur (Oct 28)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 29)
    - Re: /proc filesystem allows bypassing directory permissions on Martin Rex (Oct 29)
    - Re: /proc filesystem allows bypassing directory permissions on Pavel Machek (Oct 30)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)

(Thread continues...)