kernel-hardening - Re: [PATCH v3] proc: fix races against execve() of /proc/PID/fd**

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Message-Id: <20110829160210.f0f2ce99.akpm@linux-foundation.org>
Date: Mon, 29 Aug 2011 16:02:10 -0700
From: Andrew Morton <akpm@...ux-foundation.org>
To: Vasiliy Kulikov <segoon@...nwall.com>
Cc: kernel-hardening@...ts.openwall.com, Cyrill Gorcunov
 <gorcunov@...il.com>,
        Al Viro <viro@...iv.linux.org.uk>,
        David Rientjes
 <rientjes@...gle.com>,
        Stephen Wilson <wilsons@...rt.ca>,
        KOSAKI Motohiro
 <kosaki.motohiro@...fujitsu.com>,
        linux-kernel@...r.kernel.org, security@...nel.org
Subject: Re: [PATCH v3] proc: fix races against execve() of /proc/PID/fd**

On Mon, 29 Aug 2011 22:00:11 +0400
Vasiliy Kulikov <segoon@...nwall.com> wrote:

> Used existing (un)lock_trace functions to check for ptrace_may_access(),
> but instead of using EPERM return code from it use EACCES to be
> consistent with existing proc_pid_follow_link()/proc_pid_readlink()
> return code.  If they differ, attacker can guess what fds exist by
> analyzing stat() return code.

doh, I missed that bit.  Fair enough.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.