Date: Fri, 02 Jun 2006 14:16:19 -0500 From: Guy Helmer <ghelmer@palisadesys.com> To: =?ISO-8859-1?Q?Dag-Erling_Sm=F8rgrav?= <des@des.no> Cc: cvs-src@FreeBSD.org, src-committers@FreeBSD.org, Guy Helmer <ghelmer@FreeBSD.org>, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/fs/procfs procfs.c Message-ID: <44808E83.4070704@palisadesys.com> In-Reply-To: <86y7wf20qy.fsf@xps.des.no> References: <200605241403.k4OE3pvp007556@repoman.freebsd.org> <86y7wf20qy.fsf@xps.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
Dag-Erling Smørgrav wrote: > Guy Helmer <ghelmer@FreeBSD.org> writes: > >> Log: >> Revision 1.4 set access for all sensitive files in /proc/<PID> to mode 0 >> if a process's uid or gid has changed, but the /proc/<PID> directory >> itself was also set to mode 0. Assuming this doesn't open any >> security holes, open access to the /proc/<PID> directory for users >> other than root to read or search the directory. >> >> Reviewed by: des (back in February) >> MFC after: 3 weeks >> > > In hindsight, I think I prefer the attached (untested) solution... > > DES > After applying this patch, /proc/<PID>/ctl is writable by the owner of a P_SUGID process: --w------- 1 ph ph 0 Jun 2 13:54 ctl (it used to be mode 000). Is that OK? It doesn't seem right to me... Guy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?44808E83.4070704>