On 09/13/2011 06:14 PM, Pavel Machek wrote: > Hi! > >> This one behaves similarly to the /proc/<pid>/fd/ one - it contains symlinks >> one for each mapping with file, the name of a symlink is vma->vm_start, the >> target is the file. Opening a symlink results in a file that point exactly >> to the same inode as them vma's one. > > Is it good idea security-wise? It looks like symlink but does not > behave like one. (And yes, I know we already have similar problems in > /proc..) What exactly doesn't behave like symlink, can you elaborate, please? > ptrace-may-trace is not good enough protection; I can do this on my > own thread to get around read-only protection on fd. (File can be > protected from me by directory permissions.) I think this issue worth separate discussion and if it turns out there is a problem with that we can fix it together with /proc/pid/fd and other stuff. Thanks, Pavel -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
