[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: /proc filesystem allows bypassing directory permissions on


> There are two conceivable approaches to implementing the open() for
> a filedescriptor shown in /proc.  Either go throuh the inode and
> check the access permissions on the file at the current time
> (which is a sensible implementation and what the kernel seems
> to be currently doing), or implement it as a dup() and transfer
> of the filedescriptor.  (Tranfering open filedescriptors between
> processes can also be done by IPC).  Implemetenting it via dup()
> would probably keep the original filedescriptor attributes
> (such as read-only) but would require an entirely seperate
> approach to access control (who is allowed to dup() that filedescriptor),
> and it would create problems:  like you would not be able to look
> into files that were opened only for write through /proc, which
> would seriously impair the usefulness of the fd-listing in /proc.

Doing it as dup() is indeed the way to go. /proc/*/fd/ already needs
same uid, so...

(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html