From: Christoph Hellwig <hch@infradead.org>
To: Andrew Morton <akpm@osdl.org>, linux-kernel@vger.kernel.org
Subject: Re: procfs permissions on 2.6.x
Date: Sat, 3 Jul 2004 21:25:41 +0100 [thread overview]
Message-ID: <20040703202541.GA11398@infradead.org> (raw)
In-Reply-To: <20040703202242.GA31656@MAIL.13thfloor.at>
On Sat, Jul 03, 2004 at 10:22:42PM +0200, Herbert Poetzl wrote:
>
> Hi Andrew!
>
> stumbled over the following detail ...
>
> usually when somebody tries to modify an inode,
> notify_change() calls inode_change_ok() to verify
> the user's permissions ... now it seems that
> somewhere around 2.5.41, a patch similar to this
> one was included into the mainline, and remained
> almost unmodified ...
>
> http://www.uwsg.iu.edu/hypermail/linux/kernel/0210.1/1002.html
>
> this probably unintentionally circumvents the
> inode_change_ok() check, so that now any user
> can modify inodes of the procfs.
>
> example:
>
> $ chmod a-rwx /proc/cmdline
>
> the following patch hopefully fixes this, so
> please consider for inclusion ...
Actually the patch you reference above looks extremly bogus and should just
be reverted instead.
next prev parent reply other threads:[~2004-07-03 20:26 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-07-03 20:22 procfs permissions on 2.6.x Herbert Poetzl
2004-07-03 20:25 ` Christoph Hellwig [this message]
2004-07-03 20:35 ` Andrew Morton
2004-07-03 21:04 ` Christoph Hellwig
2004-07-03 21:35 ` Andrew Morton
2004-07-04 21:35 ` viro
2004-07-04 21:55 ` Andrew Morton
2004-07-04 22:13 ` viro
2004-07-04 22:43 ` Andrew Morton
2004-07-06 3:31 ` Andy Lutomirski
2004-07-05 1:50 ` Clemens Schwaighofer
2004-07-05 1:55 ` viro
2004-07-05 8:05 ` Duncan Sands
2004-07-05 8:14 ` Clemens Schwaighofer
2004-07-04 1:27 ` bert hubert
[not found] <2dZjc-7BP-15@gated-at.bofh.it>
[not found] ` <2dZjf-7BP-27@gated-at.bofh.it>
[not found] ` <2dZsQ-7GF-23@gated-at.bofh.it>
[not found] ` <2dZVV-867-33@gated-at.bofh.it>
[not found] ` <2e0oZ-8lm-35@gated-at.bofh.it>
[not found] ` <2emSs-6R8-17@gated-at.bofh.it>
[not found] ` <2enbS-72q-19@gated-at.bofh.it>
[not found] ` <2env9-7li-9@gated-at.bofh.it>
2004-07-04 22:25 ` Andi Kleen
2004-07-04 22:37 ` FabF
2004-07-04 23:30 ` Paul Jackson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040703202541.GA11398@infradead.org \
--to=hch@infradead.org \
--cc=akpm@osdl.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox