From: Solar Designer <solar@openwall.com>
To: David Laight <David.Laight@ACULAB.COM>
Cc: 'Shawn Webb' <shawn.webb@hardenedbsd.org>,
"oss-security@lists.openwall.com"
<oss-security@lists.openwall.com>,
Alejandro Colomar <alx.manpages@gmail.com>,
Michael Kerrisk <mtk.manpages@gmail.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-man@vger.kernel.org" <linux-man@vger.kernel.org>
Subject: Re: [oss-security] [patch] proc.5: tell how to parse /proc/*/stat correctly
Date: Sat, 31 Dec 2022 18:27:58 +0100 [thread overview]
Message-ID: <20221231172758.GA10297@openwall.com> (raw)
In-Reply-To: <fe260c38cf7e416288449691bb9cb5dd@AcuMS.aculab.com>
Hi all,
Let's wind this oss-security thread down as it relates to brainstorming
and commenting on totally new designs - no more of that, please.
Many things were said, but realistically the interface isn't _that_
broken (this can be parsed correctly, and procps-ng manages to) and is
(hopefully) not going to change much (in my opinion, and I know I'm not
alone in this, most of the proposals would make things worse overall).
Somewhat realistically, one possible change is replacing the most risky
characters, such as braces and anything <= ASCII 32, perhaps with '?'
to match what procps-ng is doing. Perhaps do this either on all updates
of "comm" or in all places where "comm" is reported to userspace
(including procfs and kernel messages, by calling a common function).
"comm" isn't the full process name anyway - it's often truncated - so it
can reasonably be made safer in other ways as well. As an option, the
replacing of whitespace (ASCII 32) and braces could be limited to the
"stat" file, but the control characters are (even more) problematic with
other interfaces where "comm" is exposed, so replacing them should
probably be global.
Happy New Year!
Alexander
prev parent reply other threads:[~2022-12-31 17:28 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-22 16:42 [patch] proc.5: tell how to parse /proc/*/stat correctly Alexey Dobriyan
2022-12-22 22:03 ` [oss-security] " Dominique Martinet
2022-12-22 23:21 ` Solar Designer
2022-12-23 0:15 ` Dominique Martinet
2022-12-23 0:21 ` Jan Engelhardt
2022-12-28 0:44 ` Lyndon Nerenberg (VE7TFX/VE6BBM)
2022-12-28 1:50 ` Tavis Ormandy
2022-12-30 20:15 ` Jakub Wilk
2022-12-28 15:24 ` Shawn Webb
2022-12-28 15:31 ` Shawn Webb
2022-12-28 16:47 ` Demi Marie Obenour
2022-12-28 17:09 ` Jan Engelhardt
2022-12-28 17:25 ` Shawn Webb
2022-12-28 18:02 ` Demi Marie Obenour
2022-12-28 18:36 ` John Helmert III
2022-12-28 19:24 ` Shawn Webb
2022-12-28 19:57 ` Alejandro Colomar
2022-12-28 22:14 ` Theodore Ts'o
2022-12-29 0:33 ` Demi Marie Obenour
2022-12-31 16:31 ` David Laight
2022-12-31 17:27 ` Solar Designer [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221231172758.GA10297@openwall.com \
--to=solar@openwall.com \
--cc=David.Laight@ACULAB.COM \
--cc=alx.manpages@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-man@vger.kernel.org \
--cc=mtk.manpages@gmail.com \
--cc=oss-security@lists.openwall.com \
--cc=shawn.webb@hardenedbsd.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox