Bugtraq mailing list archives
Re: /proc filesystem allows bypassing directory permissions on Linux
From: Klaus Lichtenwalder <k.lichtenwalder () computer org>
Date: Sun, 25 Oct 2009 10:46:56 +0100
Am Samstag, den 24.10.2009, 01:12 +0400 schrieb Dan Yefimov:
On 24.10.2009 0:35, Matthew Bergin wrote:doesnt look like the original owner is trying to write to it. Shows it cant, it had guest write to it via the proc folders bad permissions. Looks legitimatePlease tell me, who issued 'chmod 0666 unwritable_file'? Was that an attacker? No, that was the owner of 'unwritable_file', nobody else. What the 0666 file mode means? It means, that everybody can write to the file, can't he? So why do you believe that pretension legitimate?
Well, at first I would say this might definitely somewhat unexpected. It's correct otoh, that you shouldn't be too lax with files when you think you "secured" them somewhere in the path... But if you think of /proc/x/fd as *hard* links to the files, then the behavior would not be surprising, which might help... (You might have this as a "real world scenario" if you have some brain dead application which you try to secure in this way...) Klaus -- ------------------------------------------------------------------------ Klaus Lichtenwalder, Dipl. Inform., http://lklaus.homelinux.org/Klaus/ PGP Key fingerprint: A5C0 F73A 2C83 96EE 766B 9C62 DB6D 1258 0E9B B6D1
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
Current thread:
- Re: /proc filesystem allows bypassing directory permissions on, (continued)
- Re: /proc filesystem allows bypassing directory permissions on Pavel Machek (Oct 30)
- Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 29)
- Re: /proc filesystem allows bypassing directory permissions on Linux Ivan Jager (Oct 28)
- Re: /proc filesystem allows bypassing directory permissions on Linux Klaus Lichtenwalder (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Kankovsky (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Matthew Dempsky (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Tony Finch (Oct 27)
- Re: /proc filesystem allows bypassing directory permissions on Linux Matthew Dempsky (Oct 28)
- Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 28)
- Re: /proc filesystem allows bypassing directory permissions on Linux Glynn Clements (Oct 29)