Date: Mon, 27 Mar 2000 21:01:19 +0100 From: David Malone <dwmalone@maths.tcd.ie> To: hackers@freebsd.org Cc: des@freebsd.org, pb@freebsd.org Subject: Linprocfs observation. Message-ID: <200003272101.aa58489@salmon.maths.tcd.ie>
next in thread | raw e-mail | index | archive | help
I notice that we've just gained a linprocfs which aims to provide a Linux style procfs for the Linux binary compatibility stuff. It looks quite neat, and provides lots of the odd files those linux programs go looking for. However... I haven't checked carefully, but I expect that the linprocfs code has the same problem as the FreeBSD procfs code, in that it can expose suid executables which would not usually be run 'cos they are in inaccessible directories. The "file" file was removed from FreeBSD's /proc code (in 4.0 and 5.0) because of this, but it is probably important for Linux emulation so it can't really be removed from the linprocfs code. I guess this probably warrants at least a note in the man page. Linux itself is not subject to this problem because it's exe file is a synthetic symlink pointing to the executable, not something which returns the executables actual vnode. Also, on Linux the symlink is only readable by the process' owner. This suggests the following possible work around: 1) Add a directory /linproc/pid/private which is only executable and readable by the process' owner. 2) Make the "exe" file in /linproc/pid/ a symlink to "./private/exe", which is the file which gives you the executables real vnode. I think this will give the same behavior as the Linux procfs, and expose less suid stuff. It would be necessary to do something very like this if we ever have to implement /linproc/pid/fd/xx. David. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi? <200003272101.aa58489>