On 05/23/2012 07:28 PM, Ed Greshko wrote:
On 05/24/2012 10:02 AM, Cameron Simpson wrote:
Sigh. Which is why I asked you to run some ls commands, to _inspect_ the
permissions. What do they show?
I don't know about you, but I'm not sure that things involving the /proc file system
act in quite the same manner as a real file system.
Take this as an example....
(as root, obviously)
[root@meimei proc]# pwd
/proc
[root@meimei proc]# ls -l | grep 1721
dr-xr-xr-x. 8 egreshko egreshko 0 May 23 13:54 1721
[root@meimei proc]# getfacl 1721
# file: 1721
# owner: egreshko
# group: egreshko
user::r-x
group::r-x
other::r-x
[root@meimei proc]# cd 1721
[root@meimei 1721]# ll cwd
lrwxrwxrwx. 1 root root 0 May 24 09:50 cwd -> /
[root@meimei 1721]# getfacl cwd
# file: cwd
# owner: root
# group: root
user::r-x
group::r-x
other::r-x
# file: cwd/var
# owner: root
# group: root
user::rwx
group::r-x
other::r-x
Plus a whole bunch of others that would lead you to believe that the "other" has read
permission.
Yet as a "normal" user ....
[egreshko@meimei 1721]$ ll cwd
ls: cannot read symbolic link cwd: Permission denied
lrwxrwxrwx. 1 root root 0 May 24 09:50 cwd
I personally don't have much interest in delving into the behavior of the /proc file
system.
Yes Ed, I do see this behavior.
But I am puzzled as to how such resources were
somehow accessed by a process that has no root privs?
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
