> This change makes mem_write() observe the same constraints as mem_read(). This > is particularly important for mem_write as an accidental leak of the fd across > an exec could result in arbitrary modification of the target process' memory. > IOW, /proc/pid/mem is implicitly close-on-exec. > > Signed-off-by: Stephen Wilson <wilsons@xxxxxxxx> > --- > fs/proc/base.c | 4 ++++ > 1 files changed, 4 insertions(+), 0 deletions(-) > > diff --git a/fs/proc/base.c b/fs/proc/base.c > index 9d096e8..e52702d 100644 > --- a/fs/proc/base.c > +++ b/fs/proc/base.c > @@ -848,6 +848,10 @@ static ssize_t mem_write(struct file * file, const char __user *buf, > if (check_mem_permission(task)) > goto out; > > + copied = -EIO; > + if (file->private_data != (void *)((long)current->self_exec_id)) > + goto out; > + I agree. Reviewed-by: KOSAKI Motohiro <kosaki.motohiro@xxxxxxxxxxxxxx> -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxxx For more info on Linux MM, see: http://www.linux-mm.org/ . Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/ Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>