From mboxrd@z Thu Jan 1 00:00:00 1970 From: ebiederm@xmission.com (Eric W. Biederman) Subject: Re: [PATCH 0/9] proc: protect /proc//* files across execve Date: Mon, 12 Mar 2012 12:13:15 -0700 Message-ID: References: <1331421919-15499-1-git-send-email-tixxdz@opendz.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com, Andrew Morton , Linus Torvalds , Al Viro , Alexey Dobriyan , Vasiliy Kulikov , Kees Cook , Solar Designer , WANG Cong , James Morris , Oleg Nesterov , linux-security-module@vger.kernel.org, linux-fsdevel@vger.kernel.org, Alan Cox , Greg KH , Ingo Molnar , Stephen Wilson , "Jason A. Donenfeld" To: Djalal Harouni Return-path: Received: from out02.mta.xmission.com ([166.70.13.232]:53327 "EHLO out02.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755891Ab2CLTJ7 (ORCPT ); Mon, 12 Mar 2012 15:09:59 -0400 In-Reply-To: <1331421919-15499-1-git-send-email-tixxdz@opendz.org> (Djalal Harouni's message of "Sun, 11 Mar 2012 00:25:10 +0100") Sender: linux-fsdevel-owner@vger.kernel.org List-ID: Djalal Harouni writes: > Procfs files and other important objects may contain sensitive information > which must not be seen, inherited or processed across execve. So I am dense. /proc//mem was special in that it uses a different set of checks than other files, and to do those access checks /proc//mem needed to look at exec_id. For all of the access checks that are not written in that silly way. What is wrong with ptrace_may_access run at every read/write of a file? We redo all of the permission checks every time so that should avoid races. I really think you are trying to solve something that is not broken. Certainly I could not see your argument for why anything but /proc//mem needs attention. Eric