All of lore.kernel.org
 help / color / mirror / Atom feed
From: Pavel Emelyanov <xemul@parallels.com>
To: Pavel Machek <pavel@ucw.cz>
Cc: Cyrill Gorcunov <gorcunov@gmail.com>,
	Nathan Lynch <ntl@pobox.com>, Oren Laadan <orenl@cs.columbia.edu>,
	Daniel Lezcano <dlezcano@fr.ibm.com>, Tejun Heo <tj@kernel.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Glauber Costa <glommer@parallels.com>,
	"containers@lists.osdl.org" <containers@lists.osdl.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	Serge Hallyn <serge.hallyn@canonical.com>,
	LINUXFS-ML <linux-fsdevel@vger.kernel.org>,
	James Bottomley <jbottomley@parallels.com>
Subject: Re: [RFC] fs, proc: Introduce the /proc/<pid>/map_files/ directory v2
Date: Tue, 13 Sep 2011 18:20:56 +0400	[thread overview]
Message-ID: <4E6F66C8.5020406@parallels.com> (raw)
In-Reply-To: <20110913141412.GB7604@ucw.cz>

On 09/13/2011 06:14 PM, Pavel Machek wrote:
> Hi!
> 
>> This one behaves similarly to the /proc/<pid>/fd/ one - it contains symlinks
>> one for each mapping with file, the name of a symlink is vma->vm_start, the
>> target is the file. Opening a symlink results in a file that point exactly
>> to the same inode as them vma's one.
> 
> Is it good idea security-wise? It looks like symlink but does not
> behave like one. (And yes, I know we already have similar problems in
> /proc..)

What exactly doesn't behave like symlink, can you elaborate, please?

> ptrace-may-trace is not good enough protection; I can do  this on my
> own thread to get around read-only protection on fd. (File can be
> protected from me by directory permissions.)

I think this issue worth separate discussion and if it turns out there is
a problem with that we can fix it together with /proc/pid/fd and other stuff.

Thanks,
Pavel

      reply	other threads:[~2011-09-13 14:20 UTC|newest]

Thread overview: 48+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-08-24  8:53 [RFC] fs, proc: Introduce the /proc/<pid>/map_files/ directory v2 Cyrill Gorcunov
2011-08-24  9:21 ` Pekka Enberg
2011-08-24  9:33   ` Pavel Emelyanov
2011-08-24  9:34 ` Tejun Heo
2011-08-24  9:37   ` Cyrill Gorcunov
2011-08-24  9:41     ` Cyrill Gorcunov
2011-08-24  9:41     ` Cyrill Gorcunov
2011-08-24  9:41       ` Cyrill Gorcunov
2011-08-24 11:18 ` Vasiliy Kulikov
2011-08-24 11:31   ` Cyrill Gorcunov
2011-08-25  8:29   ` Cyrill Gorcunov
2011-08-25 17:01     ` Tejun Heo
2011-08-25 17:05       ` Pavel Emelyanov
2011-08-25 17:21         ` Cyrill Gorcunov
2011-08-25 17:25           ` Pavel Emelyanov
2011-08-25 17:27             ` Tejun Heo
2011-08-25 17:34               ` Cyrill Gorcunov
2011-08-25 17:07       ` Cyrill Gorcunov
2011-08-25 20:54         ` Tejun Heo
2011-08-25 21:12           ` Tejun Heo
2011-08-25 21:34             ` Cyrill Gorcunov
2011-08-25 21:39               ` Tejun Heo
2011-08-26  6:58                 ` Cyrill Gorcunov
2011-08-26 11:29                 ` Cyrill Gorcunov
2011-08-26 12:28                   ` Kirill A. Shutemov
2011-08-26 12:28                     ` Kirill A. Shutemov
2011-08-26 12:39                     ` Cyrill Gorcunov
2011-08-26 13:16                     ` Cyrill Gorcunov
2011-08-26 14:06                       ` Tejun Heo
2011-08-26 14:23                         ` Kirill A. Shutemov
2011-08-26 14:27                           ` Tejun Heo
2011-08-25 17:11       ` Cyrill Gorcunov
2011-08-25 17:36     ` Vasiliy Kulikov
2011-08-25 17:39       ` Cyrill Gorcunov
2011-08-25 17:54         ` Vasiliy Kulikov
2011-08-25 18:13           ` Cyrill Gorcunov
2011-08-24 15:05 ` Zan Lynx
2011-08-24 15:05   ` Zan Lynx
2011-08-24 15:19   ` Pavel Emelyanov
2011-08-24 17:36     ` Andi Kleen
2011-08-24 17:36       ` Andi Kleen
2011-08-25  6:42       ` Pavel Emelyanov
2011-08-25 14:04         ` Andi Kleen
2011-08-25 14:30           ` Cyrill Gorcunov
2011-08-25 14:47           ` Pavel Emelyanov
2011-08-24 15:22   ` Cyrill Gorcunov
2011-09-13 14:14 ` Pavel Machek
2011-09-13 14:20   ` Pavel Emelyanov [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4E6F66C8.5020406@parallels.com \
    --to=xemul@parallels.com \
    --cc=akpm@linux-foundation.org \
    --cc=containers@lists.osdl.org \
    --cc=dlezcano@fr.ibm.com \
    --cc=glommer@parallels.com \
    --cc=gorcunov@gmail.com \
    --cc=jbottomley@parallels.com \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=ntl@pobox.com \
    --cc=orenl@cs.columbia.edu \
    --cc=pavel@ucw.cz \
    --cc=serge.hallyn@canonical.com \
    --cc=tj@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.