Bugtraq mailing list archives
Re: /proc filesystem allows bypassing directory permissions on Linux
From: Joel Maslak <jmaslak () antelope net>
Date: Mon, 26 Oct 2009 12:14:03 -0600
On Oct 23, 2009, at 3:56 PM, Pavel Machek <pavel () ucw cz> wrote:
Demonstrate how to get access to the file with /proc unmounted and you have a point. Demonstrate how to get access on anything else then Linux and you have a point. Otherwise there's a security hole.
If the directory is mounted via NFS or is exported there are several ways...so software written to assume directory permissions are sufficent to protect users from other unpriveliged users is broken in general. Even if it is usually secure enough on non-Linux. It is not always.
Current thread:
- Re: /proc filesystem allows bypassing directory permissions on Linux, (continued)
- Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 29)
- Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 29)
- Re: /proc filesystem allows bypassing directory permissions on Linux Jim Paris (Oct 30)
- Re: /proc filesystem allows bypassing directory permissions on Linux Marco Verschuur (Oct 30)
- Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 30)
- Re: /proc filesystem allows bypassing directory permissions on Linux Marco Verschuur (Oct 30)
- Message not available
- Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 30)
- Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 30)
- Re: /proc filesystem allows bypassing directory permissions on Linux Jim Paris (Oct 30)
- Re: /proc filesystem allows bypassing directory permissions on Linux Marco Verschuur (Oct 30)
- Re: /proc filesystem allows bypassing directory permissions on Linux Joel Maslak (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)