Bugtraq mailing list archives
Re: /proc filesystem allows bypassing directory permissions on Linux
From: Dan Yefimov <dan () lightwave net ru>
Date: Sat, 24 Oct 2009 02:55:12 +0400
On 24.10.2009 2:39, Pavel Machek wrote:
Original owner did chmod 666... after making sure traditional unix permissions protect the file. Please look at original mail; it was subtle but I believe I got it right, and file would not be writable with /proc unmounted.I remember the original mail content. You're right, you can't reach the file if the procfs is not mounted, but you forget about the race, allowing the guest to create a hardlink to the file in an unrestricted location before the directory access becomes restricted. Again, procfs is just another, specific kind of hardlinks.Check it again. There's no race; I check link count before chmod 666.
I didn't see real commands checking the link count, just comments telling about it. Not to tell about your script is broken by design. With what object do you 'chmod 0666 unwritable_file', if that file is not designed for access by anybody other than you? This is a rhetorical question.
-- Sincerely Your, Dan.
Current thread:
- Re: /proc filesystem allows bypassing directory permissions on Linux, (continued)
- Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Derek Martin (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Ansgar Wiechers (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Derek Martin (Oct 28)
- Re: /proc filesystem allows bypassing directory permissions on Linux CaT (Oct 29)
- Message not available
- Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 23)
- Re: /proc filesystem allows bypassing directory permissions on Linux Arturo 'Buanzo' Busleiman (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Tamber Penketh (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 27)
- Re: /proc filesystem allows bypassing directory permissions on Linux Glynn Clements (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Casper . Dik (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Dan Yefimov (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 26)
- Re: /proc filesystem allows bypassing directory permissions on Linux Marco Verschuur (Oct 27)
- Re: /proc filesystem allows bypassing directory permissions on Linux psz (Oct 27)
- Re: /proc filesystem allows bypassing directory permissions on Linux Marco Verschuur (Oct 28)
- Re: /proc filesystem allows bypassing directory permissions on Linux Pavel Machek (Oct 29)