> > Please see bugtraq discussion at > > http://seclists.org/bugtraq/2009/Oct/179 . > > > > (In short, you get read-only fd, and you can upgrade it to read-write > > fd. Yes, you are the owner of the process, but you are not owner of > > the file the fd refers to.) > > > > The actual permissions of the file are not ignored, but permissions of > > the containing directory _are_. If there's 666 file in 700 directory, > > you can reopen it read-write, in violation of directory's 700 > > permissions. > > There is no security violation here. Consider the case where You are able to write to my files, when unix permissions forbid that. How do you call that? Strange behaviour of /proc/*/fd/ symlink that is not really a symlink allows that. See bugtraq discussion at http://seclists.org/bugtraq/2009/Oct/179 . Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
