From: Rene Scharfe <rene.scharfe@lsrfire.ath.cx>
To: Albert Cahalan <albert@users.sf.net>
Cc: linux-kernel@vger.kernel.org, akpm@osdl.org,
viro@parcelfarce.linux.theplanet.co.uk, pj@engr.sgi.com,
7eggert@gmx.de
Subject: Re: [PATCH][RFC] Make /proc/<pid> chmod'able
Date: Mon, 14 Mar 2005 10:42:16 +0100 [thread overview]
Message-ID: <42355C78.1020307@lsrfire.ath.cx> (raw)
In-Reply-To: <1110771251.1967.84.camel@cube>
Albert Cahalan wrote:
> This is a bad idea. Users should not be allowed to
> make this decision. This is rightly a decision for
> the admin to make.
Why do you think users should not be allowed to chmod their processes'
/proc directories? Isn't it similar to being able to chmod their home
directories? They own both objects, after all (both conceptually and as
attributed in the filesystem).
> Note: I'm the procps (ps, top, w, etc.) maintainer.
>
> Probably I'd have to make /bin/ps run setuid root
> to deal with this. (minor changes needed) The same
> goes for /usr/bin/top, which I know is currently
> unsafe and difficult to fix.
>
> Let's not go there, OK?
I have to admit to not having done any real testing with those
utilities. My excuse is this isn't such a new feature, Openwall had
something similar for at least four years now and GrSecurity contains
yet another flavour of it. Openwall also provides one patch for
procps-2.0.6, so I figured that problem (whatever their patch is about)
got fixed in later versions.
Why do ps and top need to be setuid root to deal with a resticted /proc?
What information in /proc/<pid> needs to be available to any and all
users?
> If you restricted this new ability to root, then I'd
> have much less of an objection. (not that I'd like it)
How about a boot parameter or sysctl to enable the chmod'ability of
/proc/<pid>, defaulting to off? But I'd like to resolve your more
general objections above first, if possible. :)
Thanks for your comments,
Rene
next prev parent reply other threads:[~2005-03-14 9:46 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-03-14 3:34 [PATCH][RFC] Make /proc/<pid> chmod'able Albert Cahalan
2005-03-14 9:42 ` Rene Scharfe [this message]
2005-03-14 16:13 ` Albert Cahalan
2005-03-14 23:08 ` Bodo Eggert
2005-03-15 2:44 ` Albert Cahalan
2005-03-15 10:51 ` Jonathan Sambrook
2005-03-15 14:31 ` Bodo Eggert
2005-03-15 15:29 ` Paul Jackson
2005-03-15 15:58 ` Albert Cahalan
2005-03-15 21:06 ` Bodo Eggert
2005-03-15 21:18 ` Rene Scharfe
2005-03-16 0:21 ` Kyle Moffett
2005-03-15 15:27 ` Rene Scharfe
2005-03-14 16:37 ` Pavel Machek
2005-03-16 2:39 ` [PATCH][RFC] /proc umask and gid [was: Make /proc/<pid> chmod'able] Rene Scharfe
2005-03-16 4:31 ` Albert Cahalan
2005-03-16 4:41 ` Albert Cahalan
2005-03-19 1:51 ` Rene Scharfe
-- strict thread matches above, loose matches on Subject: below --
2005-03-13 23:32 [PATCH][RFC] Make /proc/<pid> chmod'able Rene Scharfe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=42355C78.1020307@lsrfire.ath.cx \
--to=rene.scharfe@lsrfire.ath.cx \
--cc=7eggert@gmx.de \
--cc=akpm@osdl.org \
--cc=albert@users.sf.net \
--cc=linux-kernel@vger.kernel.org \
--cc=pj@engr.sgi.com \
--cc=viro@parcelfarce.linux.theplanet.co.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.