From: Kees Cook <keescook@xxxxxxxxxxxx> ... > > > > If you don't want /proc/$pid/mem to be able to do stuff like that, > > then IMO the way to go is to change when /proc/$pid/mem uses > > FOLL_FORCE, or to limit overall write access to /proc/$pid/mem. > > Yeah, all reasonable. I just wish we could ditch FOLL_FORCE; it continues > to weird me out how powerful that fd's side-effects are. Could you remove FOLL_FORCE from /proc/$pid/mem and add a /proc/$pid/mem_force that enable FOLL_FORCE but requires root (or similar) access. Although I suspect gdb may like to have write access to code? David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
