Bugtraq mailing list archives

Re: /proc filesystem allows bypassing directory permissions on Linux

From: Pavel Machek <pavel () ucw cz>
Date: Thu, 29 Oct 2009 12:00:27 +0100

Hi!

Not that I would have expected anything different considering who posted
it in the first place.

Thus Debian kernel team should be blamed for that misbehaviour. Don't worry, 
hardlinks behave just the same way, as you describe. Use authentic Linux 
kernels, if you dislike that.


Just tested it on my colo where the provider is using some homebrew
derived from the upstream Linux kernel. In any case Pavel was most
likely using Suse and I asked someone to give it a go on one of all
Ubuntu varieties. So even if it is not present upstream it is in a patch
which more than one distro has adopted (f.e. ptrace fixes).


Pavel was using pretty much vanilla kernel. (That is, patches in
drivers but nothing more significant.
                                                                        Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Current thread:

Re: /proc filesystem allows bypassing directory permissions on Linux, (continued)
- - - Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 29)
    - Re: /proc filesystem allows bypassing directory permissions on Martin Rex (Oct 29)
    - Re: /proc filesystem allows bypassing directory permissions on Pavel Machek (Oct 30)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Anton Ivanov (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 29)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Ivan Jager (Oct 28)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Klaus Lichtenwalder (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Daryl Tester (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Kankovsky (Oct 26)
  - Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Kankovsky (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Tony Finch (Oct 26)
  - Re: /proc filesystem allows bypassing directory permissions on Linux Matthew Dempsky (Oct 26)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Tony Finch (Oct 27)
    - Re: /proc filesystem allows bypassing directory permissions on Linux Matthew Dempsky (Oct 28)
    - Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 28)

(Thread continues...)