From: Andrew Morton <akpm@linux-foundation.org>
To: Cyrill Gorcunov <gorcunov@gmail.com>
Cc: "Kirill A. Shutemov" <kirill@shutemov.name>,
Calvin Owens <calvinowens@fb.com>,
Alexey Dobriyan <adobriyan@gmail.com>,
Oleg Nesterov <oleg@redhat.com>,
"Eric W. Biederman" <ebiederm@xmission.com>,
Al Viro <viro@zeniv.linux.org.uk>,
"Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>,
Peter Feiner <pfeiner@google.com>,
Grant Likely <grant.likely@secretlab.ca>,
Siddhesh Poyarekar <siddhesh.poyarekar@gmail.com>,
linux-kernel@vger.kernel.org, kernel-team@fb.com,
Pavel Emelyanov <xemul@openvz.org>,
linux-api@vger.kernel.org, Kees Cook <keescook@chromium.org>
Subject: Re: [RFC][PATCH v2] procfs: Always expose /proc/<pid>/map_files/ and make it readable
Date: Mon, 26 Jan 2015 22:50:23 -0800 [thread overview]
Message-ID: <20150126225023.df63f6ca.akpm@linux-foundation.org> (raw)
In-Reply-To: <20150127064647.GH651@moon>
On Tue, 27 Jan 2015 09:46:47 +0300 Cyrill Gorcunov <gorcunov@gmail.com> wrote:
> > There's one other problem here: we're assuming that the map_files
> > implementation doesn't have bugs. If it does have bugs then relaxing
> > permissions like this will create new vulnerabilities. And the
> > map_files implementation is surprisingly complex. Is it bug-free?
>
> I didn't find any bugs in map-files (and we use it for long time already)
> so I think it is safe.
You've been using map_files the way it was supposed to be used so no,
any bugs won't show up. What happens if you don your evil black hat
and use map_files in ways that weren't anticipated? Attack it?
next prev parent reply other threads:[~2015-01-27 6:50 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-14 0:20 [RFC][PATCH] procfs: Add /proc/<pid>/mapped_files Calvin Owens
2015-01-14 0:23 ` Calvin Owens
2015-01-14 14:13 ` Rasmus Villemoes
2015-01-14 14:37 ` Siddhesh Poyarekar
2015-01-14 14:53 ` Rasmus Villemoes
2015-01-14 21:03 ` Calvin Owens
2015-01-14 22:45 ` Andrew Morton
2015-01-14 23:51 ` Rasmus Villemoes
2015-01-16 1:15 ` Andrew Morton
2015-01-16 11:00 ` Kirill A. Shutemov
2015-01-14 15:25 ` Kirill A. Shutemov
2015-01-14 15:33 ` Cyrill Gorcunov
2015-01-14 20:46 ` Calvin Owens
2015-01-14 21:16 ` Cyrill Gorcunov
2015-01-22 2:45 ` [RFC][PATCH] procfs: Always expose /proc/<pid>/map_files/ and make it readable Calvin Owens
2015-01-22 7:16 ` Cyrill Gorcunov
2015-01-22 11:02 ` Kirill A. Shutemov
2015-01-22 21:00 ` Calvin Owens
2015-01-22 21:27 ` Kirill A. Shutemov
2015-01-23 5:52 ` Calvin Owens
2015-01-24 3:15 ` [RFC][PATCH v2] " Calvin Owens
2015-01-26 12:47 ` Kirill A. Shutemov
[not found] ` <20150126124731.GA26916-nhfs4B5ZimeFUdmeq17FyvUpdFzICT1y@public.gmane.org>
2015-01-26 21:00 ` Cyrill Gorcunov
2015-01-26 21:00 ` Cyrill Gorcunov
2015-01-26 23:43 ` Andrew Morton
[not found] ` <20150126154346.c63c512e5821e9e0ea31f759-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>
2015-01-27 0:15 ` Kees Cook
2015-01-27 0:15 ` Kees Cook
[not found] ` <CAGXu5jLDkg0hJSMm3CdoO-77yiK5GQWHSe3+1h7mq76LERpNBA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-01-27 7:37 ` Cyrill Gorcunov
2015-01-27 7:37 ` Cyrill Gorcunov
2015-01-27 19:53 ` Kees Cook
2015-01-27 19:53 ` Kees Cook
[not found] ` <CAGXu5jJFFib7F7uKYgvX4ecyMnbincd22FaO_bFy=VRVKdFbvA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-01-27 21:35 ` Cyrill Gorcunov
2015-01-27 21:35 ` Cyrill Gorcunov
2015-01-27 21:46 ` Pavel Emelyanov
2015-01-27 21:46 ` Pavel Emelyanov
2015-01-27 0:19 ` Kirill A. Shutemov
2015-01-27 0:19 ` Kirill A. Shutemov
2015-01-27 6:46 ` Cyrill Gorcunov
2015-01-27 6:46 ` Cyrill Gorcunov
2015-01-27 6:50 ` Andrew Morton [this message]
[not found] ` <20150126225023.df63f6ca.akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>
2015-01-27 7:23 ` Cyrill Gorcunov
2015-01-27 7:23 ` Cyrill Gorcunov
2015-01-28 4:38 ` Calvin Owens
2015-01-28 4:38 ` Calvin Owens
[not found] ` <20150128043832.GA2266262-ZEWhMxyTXSP95iwofa7G/laTQe2KTcn/@public.gmane.org>
2015-01-30 1:30 ` Kees Cook
2015-01-30 1:30 ` Kees Cook
[not found] ` <CAGXu5j+wa2-CCGaktPzDec=HF0CizP__HVVjZKcjGuJJOvLFyg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-01-31 1:58 ` Calvin Owens
2015-01-31 1:58 ` Calvin Owens
2015-02-02 14:01 ` Austin S Hemmelgarn
[not found] ` <54CF832A.7010707-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-02-04 3:53 ` Calvin Owens
2015-02-04 3:53 ` Calvin Owens
2015-02-02 20:16 ` Andy Lutomirski
[not found] ` <CALCETrUufe3USocUDpkBdwx6SyGKVgVUTh4rg2H9Xn91u+6iHg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2015-02-04 3:28 ` Calvin Owens
2015-02-04 3:28 ` Calvin Owens
2015-02-12 2:29 ` [RFC][PATCH v3] " Calvin Owens
2015-02-12 7:45 ` Cyrill Gorcunov
2015-02-14 20:40 ` [RFC][PATCH v4] " Calvin Owens
2015-03-10 22:17 ` Cyrill Gorcunov
2015-04-28 22:23 ` Calvin Owens
2015-04-29 7:32 ` Cyrill Gorcunov
2015-05-19 3:10 ` [PATCH v5] " Calvin Owens
2015-05-19 3:29 ` Joe Perches
2015-05-19 18:04 ` Andy Lutomirski
2015-05-21 1:52 ` Calvin Owens
2015-05-21 2:10 ` Andy Lutomirski
2015-06-09 3:39 ` [PATCH v6] " Calvin Owens
2015-06-09 17:27 ` Kees Cook
2015-06-09 17:47 ` Andy Lutomirski
2015-06-09 18:15 ` Cyrill Gorcunov
2015-06-09 21:13 ` Andrew Morton
2015-06-10 1:39 ` Calvin Owens
2015-06-10 20:58 ` Andrew Morton
2015-06-11 11:10 ` Alexey Dobriyan
2015-06-11 18:49 ` Andrew Morton
2015-06-12 9:55 ` Alexey Dobriyan
2015-06-19 2:32 ` [PATCH v7] " Calvin Owens
2015-07-15 22:21 ` Andrew Morton
2015-07-15 23:39 ` Calvin Owens
2015-02-14 20:44 ` [PATCH] procfs: Return -ESRCH on /proc/N/fd/* when PID N doesn't exist Calvin Owens
2015-01-14 22:40 ` [RFC][PATCH] procfs: Add /proc/<pid>/mapped_files Kirill A. Shutemov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150126225023.df63f6ca.akpm@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=adobriyan@gmail.com \
--cc=calvinowens@fb.com \
--cc=ebiederm@xmission.com \
--cc=gorcunov@gmail.com \
--cc=grant.likely@secretlab.ca \
--cc=keescook@chromium.org \
--cc=kernel-team@fb.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=kirill@shutemov.name \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=oleg@redhat.com \
--cc=pfeiner@google.com \
--cc=siddhesh.poyarekar@gmail.com \
--cc=viro@zeniv.linux.org.uk \
--cc=xemul@openvz.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.