Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20110604202018.GA8019@shinshilla>
Date: Sun, 5 Jun 2011 00:20:47 +0400
From: Vasiliy Kulikov <segoon@...nwall.com>
To: kernel-hardening@...ts.openwall.com
Cc: Pavel Labushev <p.labushev@...il.com>
Subject: Re: /proc/PID directory hiding (was: [owl-dev]
 segoon's status report - #1 of 15)

On Sat, Jun 04, 2011 at 22:19 +0400, Solar Designer wrote:
> > It is:
> > $ python -c 'import os; print os.stat("/proc/1")'
> > posix.stat_result(st_mode=16744, st_ino=535821L, st_dev=3L, st_nlink=6,
> > st_uid=0, st_gid=0, st_size=0L, st_atime=1306605485, st_mtime=1306605485,
> > st_ctime=1306605485)
> > 
> > It's a known flaw and AFAIR it was considered irrelevant.
> 
> Is the above on grsecurity?

No, grsecurity hides uid/gid from both *stat*(2) and getdents*(2) functions
(implemented as proc_pid_readdir() and pid_getattr()).

> As to probing for PIDs with syscalls such as kill(2), we may deal with
> that as well

I'd not do this.  There are too many paths using pids, I don't think
there is some universal way (read: a bottleneck) to filter all accesses.
And the award is not too high to bother.

Thanks,

Vasiliy.

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.