Re: [patch 142/192] procfs: allow reading fdinfo with PTRACE_MODE_READ

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Jul 02, 2021 at 03:40:49PM -0500, Eric W. Biederman wrote:
> Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> writes:
> 
> > On Fri, Jul 2, 2021 at 11:43 AM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> >>
> >> Uhm, this is only checked in open(), and never again? Is this safe in
> >> the face of exec or pid re-use?
> 
> Exec does not change the file descriptor table.

Ah yeah, good point. I've been thinking too much about vmas.

> The open holds a reference to the proc inode.  The proc inode holds the
> struct pid of the task and the file descriptor number.  References using
> struct pid do not suffer from userspace pid rollover issues.

Okay, cool.

> So the only issue I see is file descriptor reuse after an exec,
> that changes the processes struct cred.

Right -- the info leak would be snooping on what a privileged process
was doing with a given fd? Similar stuff has been used to do typing
pattern analysis with login passwords, but that's a stretch here, I
think. Hmm.

> Assuming we care it would probably be worth a bug fix patch to check
> something.

Sounds good.

-- 
Kees Cook



[Index of Archives]     [Kernel Archive]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]

  Powered by Linux