Re: Ho ho ho - Linux v2.6.10

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Alan Cox <alan@lxorguk.ukuu.org.uk>
To: Linus Torvalds <torvalds@osdl.org>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: Ho ho ho - Linux v2.6.10
Date: Sun, 26 Dec 2004 15:45:53 +0000	[thread overview]
Message-ID: <1104075953.23660.2.camel@localhost.localdomain> (raw)
In-Reply-To: <1103977161.22646.6.camel@localhost.localdomain>

On Sad, 2004-12-25 at 12:19, Alan Cox wrote:
> - It seems the security hole inducing exec_id change was not reverted
> and I've not yet found any other changes that fix the same problem
> (setuid_app >/proc/self/mem) in 2.6.10. It was actually quite nasty as a
> hole because you can seek the fd to the right target address before
> execing. With the other /proc changes did I miss something on this one

Thankfully I missed something as the test app shows

static char foo[5]="GOOD";

int main(int argc, char *argv[])
{
  lseek(1, (unsigned long) foo, 0);
  if(write(1, "BAD!", 4) != 4)
    perror("write");
  write(2, foo, 4);
}


Running ./a.out >/proc/self/mem produces the desired write error still
in 2.6.10

next prev parent reply	other threads:[~2004-12-26 16:50 UTC|newest]

Thread overview: 52+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-12-24 22:39 Ho ho ho - Linux v2.6.10 Linus Torvalds
2004-12-25 11:11 ` Andrew Walrond
2004-12-25 12:19 ` Alan Cox
2004-12-26 11:30   ` Wichert Akkerman
2004-12-26 13:45     ` R. J. Wysocki
2004-12-26 19:37       ` Pavel Machek
2004-12-26 19:39       ` Pavel Machek
2004-12-26 20:27         ` R. J. Wysocki
2004-12-26 22:10           ` Pavel Machek
2005-01-13 18:09             ` 2.6.10-mm3: swsusp: out of memory on resume (was: Re: Ho ho ho - Linux v2.6.10) Rafael J. Wysocki
2005-01-13 19:59               ` Pavel Machek
2005-01-13 21:22                 ` Rafael J. Wysocki
2005-01-14 14:34               ` hugang
2005-01-14 17:25                 ` Rafael J. Wysocki
2005-01-15 21:43                   ` Rafael J. Wysocki
2005-01-16 21:51                     ` Pavel Machek
2005-01-17 14:53                       ` Rafael J. Wysocki
2005-01-17 15:22                         ` Pavel Machek
2005-01-18  1:44                         ` hugang
     [not found]                 ` <200501150042.35377.rjw@sisk.pl>
2005-01-15  1:21                   ` hugang
2005-01-15  1:21                     ` [Qemu-devel] " hugang
2005-01-15 11:48                     ` [Qemu-devel] Re: 2.6.10-mm3: swsusp: out of memory on resume Fabrice Bellard
2005-01-15 16:40                       ` hugang
2005-01-16  4:38                         ` hugang
2005-01-15 18:02                       ` [Qemu-devel] W2K SP0 Status (was: Re: 2.6.10-mm3: swsusp: out of memory on resume) Tim
2005-01-17 18:02                       ` [Qemu-devel] Re: Re: 2.6.10-mm3: swsusp: out of memory on resume Ronald
2005-01-17 21:54                         ` Fabrice Bellard
2005-01-22  4:17                           ` [Qemu-devel] " Anand Kumria
2005-01-22 12:42                             ` Johannes Schindelin
     [not found]                     ` <200501151147.32919.rjw@sisk.pl>
     [not found]                       ` <200501152220.42129.rjw@sisk.pl>
2005-01-16  5:54                         ` 2.6.10-mm3: swsusp: out of memory on resume (was: Re: Ho ho ho - Linux v2.6.10) hugang
2005-01-16  5:54                           ` [Qemu-devel] " hugang
2005-01-16 10:07                           ` Rafael J. Wysocki
2005-01-16 10:07                             ` [Qemu-devel] " Rafael J. Wysocki
2005-01-16 14:46                             ` hugang
2005-01-17 15:48                               ` Rafael J. Wysocki
2005-01-17 16:49                               ` Rafael J. Wysocki
2004-12-30  9:58         ` Ho ho ho - Linux v2.6.10 Rafael J. Wysocki
2004-12-26 15:45   ` Alan Cox [this message]
2004-12-29 12:44   ` Paolo Ciarrocchi
2004-12-26  2:55 ` Bill Davidsen
2004-12-26  3:36   ` Linus Torvalds
     [not found]   ` <1104171962.18174.28.camel@d845pe>
2004-12-28 16:38     ` Ho ho ho - Linux v2.6.10 (irq18) Bill Davidsen
2004-12-26  4:19 ` Ho ho ho - Linux v2.6.10 Alexander E. Patrakov
2004-12-26  5:12   ` [PATCH] parport_pc: don't mix module parameter styles Randy.Dunlap
2004-12-26 20:35 ` Ho ho ho - Linux v2.6.10 Greg Norris
2004-12-27  1:31   ` Dmitry Torokhov
2004-12-28  2:36     ` Greg Norris
2004-12-27 16:10 ` Ho ho ho - Linux v2.6.10 (compile stats) John Cherry
2004-12-28  1:04 ` Ho ho ho - Linux v2.6.10 Håkan Lindqvist
  -- strict thread matches above, loose matches on Subject: below --
2004-12-26  4:10 Paul Blazejowski
2004-12-26  5:27 ` Linus Torvalds
2004-12-26 15:46   ` James Bottomley

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1104075953.23660.2.camel@localhost.localdomain \
    --to=alan@lxorguk.ukuu.org.uk \
    --cc=linux-kernel@vger.kernel.org \
    --cc=torvalds@osdl.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.