From owner-freebsd-hackers Mon Mar 27 14:29:39 2000
Delivered-To: freebsd-hackers@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49])
	by hub.freebsd.org (Postfix) with ESMTP
	id 9D68337BA2D; Mon, 27 Mar 2000 14:29:34 -0800 (PST)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.9.3/8.9.3) with ESMTP id PAA55892;
	Mon, 27 Mar 2000 15:29:33 -0700 (MST)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1])
	by harmony.village.org (8.9.3/8.8.3) with ESMTP id PAA00547;
	Mon, 27 Mar 2000 15:29:16 -0700 (MST)
Message-Id: <200003272229.PAA00547@harmony.village.org>
To: David Malone
Subject: Re: Linprocfs observation.
Cc: hackers@FreeBSD.ORG, des@FreeBSD.ORG, pb@FreeBSD.ORG
In-reply-to: Your message of "Mon, 27 Mar 2000 23:25:02 +0100." <200003272325.aa69356@salmon.maths.tcd.ie>
References: <200003272325.aa69356@salmon.maths.tcd.ie>
Date: Mon, 27 Mar 2000 15:29:16 -0700
From: Warner Losh
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <200003272325.aa69356@salmon.maths.tcd.ie> David Malone writes:
: > File was removed because it was a huge, gaping security hole.  It was
: > effectively a hard link to the file in question and circumvented some of
: > the usual security protections that the file would otherwise be
: > protected by.
:
: I know - AFAIK I was the one who reported it ;-)

So many bugs.  It is hard to put a face on them at times :-)

: > : Linux itself is not subject to this problem because its exe file
: > : is a synthetic symlink pointing to the executable, not something
: > : which returns the executable's actual vnode.
: >
: > And that's why it is still in the tree.  A symbolic link doesn't have
: > the security issues that the hard link has.
:
: I think I wasn't clear. The real Linux code doesn't have this problem,
: but the code in /usr/src/sys/miscfs/linprocfs, which was committed to
: 4.0 and 5.0 two days ago does.

Ah.  That's a good point.

: Given that libc is using it for something, it is probably important
: to provide a working one in linprocfs, preferably without the
: security hole!

Agreed.  I'm happy with just making it a symlink.

Warner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
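
Added example, not part of the original message and not FreeBSD or Linux procfs code: a userland Python sketch of why a name that hands back the file's own inode (the "effectively a hard link" case) behaves differently from a symlink. The thread does not say which protections were circumvented; directory search permission is used here as an assumed illustration, and all file names are constructed.

```python
import os
import tempfile


def can_read(path):
    """Return True if the file behind `path` can be opened and read."""
    try:
        with open(path) as f:
            f.read()
        return True
    except OSError:
        return False


def compare_links():
    """Reach a file in a private directory via a hard link and via a symlink."""
    with tempfile.TemporaryDirectory() as top:
        private = os.path.join(top, "private")
        target = os.path.join(private, "prog")
        hard = os.path.join(top, "exe_hardlink")
        soft = os.path.join(top, "exe_symlink")

        os.mkdir(private)
        with open(target, "w") as f:
            f.write("constructed sample contents\n")
        os.chmod(target, 0o644)

        os.link(target, hard)     # second name for the same inode
        os.symlink(target, soft)  # stores only the path, re-resolved on each use
        same_inode = os.stat(hard).st_ino == os.stat(target).st_ino

        # Withdraw search permission on the directory that guards the file.
        os.chmod(private, 0o000)
        try:
            return {
                "same_inode": same_inode,
                # The hard link never walks through `private`, so its mode is not consulted.
                "hardlink_ok": can_read(hard),
                # The symlink is resolved through `private`, so the lookup is checked.
                "symlink_ok": can_read(soft),
                # root bypasses directory permission checks, so note it.
                "privileged": os.geteuid() == 0,
            }
        finally:
            os.chmod(private, 0o700)  # restore so the temp tree can be removed


if __name__ == "__main__":
    print(compare_links())
```

Run as an unprivileged user, the hard link still reads the file after the directory is locked down, while the symlink fails with a permission error.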