From mboxrd@z Thu Jan 1 00:00:00 1970 From: ebiederm@xmission.com (Eric W. Biederman) Subject: Re: [PATCH] proc: make proc_fd_permission() thread-friendly Date: Mon, 26 Aug 2013 11:32:53 -0700 Message-ID: <87ioyspaju.fsf@xmission.com> References: <20130822201530.GL31117@1wt.eu> <20130824182939.GA23630@redhat.com> <20130824212432.GA9299@1wt.eu> <20130825052317.GZ27005@ZenIV.linux.org.uk> <20130825065039.GB9299@1wt.eu> <20130825194844.GA16717@redhat.com> <20130826153301.GA15890@redhat.com> <20130826163704.GA21763@redhat.com> <20130826175441.GA28856@redhat.com> Mime-Version: 1.0 Content-Type: text/plain Cc: Andrew Morton , Willy Tarreau , Al Viro , Andy Lutomirski , Ingo Molnar , Linux Kernel Mailing List , Linux FS Devel , Brad Spengler , Linus Torvalds To: Oleg Nesterov Return-path: In-Reply-To: <20130826175441.GA28856@redhat.com> (Oleg Nesterov's message of "Mon, 26 Aug 2013 19:54:41 +0200") Sender: linux-kernel-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org Oleg Nesterov writes: > proc_fd_permission() says "process can still access /proc/self/fd > after it has executed a setuid()", but the "task_pid() = proc_pid() > check only helps if the task is group leader, /proc/self points to > /proc/leader-pid. > > Change this check to use task_tgid() so that the whole process can > access /proc/self/fd. There is at least a semantic goofiness here. There is /proc//fd and /proc//task//fd, and the same permission check is used by both. We might just want to have a /proc/thread symlink as well so people don't have this issue. Of course that would require people to use it, and I think the common case if people care is call gettid() and build the path themselves. Eric