Re: [patch 142/192] procfs: allow reading fdinfo with PTRACE_MODE_READ

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: [patch 142/192] procfs: allow reading fdinfo with PTRACE_MODE_READ
From: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Date: Fri, 2 Jul 2021 17:15:42 -0700
Cc: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, Alexey Dobriyan <adobriyan@xxxxxxxxx>, Andrei Vagin <avagin@xxxxxxxxx>, Bernd Edlinger <bernd.edlinger@xxxxxxxxxx>, Christian Brauner <christian.brauner@xxxxxxxxxx>, Christian Koenig <christian.koenig@xxxxxxx>, Jonathan Corbet <corbet@xxxxxxx>, Helge Deller <deller@xxxxxx>, Alexey Gladkov <gladkov.alexey@xxxxxxxxx>, Hridya Valsaraju <hridya@xxxxxxxxxx>, jamorris@xxxxxxxxxxxxxxxxxxx, Jann Horn <jannh@xxxxxxxxxx>, Jeff Vander Stoep <jeffv@xxxxxxxxxx>, Kalesh Singh <kaleshsingh@xxxxxxxxxx>, Linux-MM <linux-mm@xxxxxxxxx>, Mauro Carvalho Chehab <mchehab+huawei@xxxxxxxxxx>, Michal Hocko <mhocko@xxxxxxxx>, Minchan Kim <minchan@xxxxxxxxxx>, mm-commits@xxxxxxxxxxxxxxx, Randy Dunlap <rdunlap@xxxxxxxxxxxxx>, Suren Baghdasaryan <surenb@xxxxxxxxxx>, Szabolcs Nagy <szabolcs.nagy@xxxxxxx>, Al Viro <viro@xxxxxxxxxxxxxxxxxx>, Michel Lespinasse <walken@xxxxxxxxxx>, Matthew Wilcox <willy@xxxxxxxxxxxxx>
In-reply-to: <202107021626.913478E@keescook>
References: <20210630184624.9ca1937310b0dd5ce66b30e7@linux-foundation.org> <20210701015444.ZOZaFPX0b%akpm@linux-foundation.org> <202107021047.CC57ED634@keescook> <CAHk-=wiGcrds=Q7+utqPE7irvcsGfEY_qvp1+T7x67xdHbuSEA@mail.gmail.com> <87pmw0ih4e.fsf@disp2133> <202107021626.913478E@keescook>
Reply-to: linux-kernel@xxxxxxxxxxxxxxx

On Fri, Jul 2, 2021 at 4:31 PM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>
> Right -- the info leak would be snooping on what a privileged process
> was doing with a given fd? Similar stuff has been used to do typing
> pattern analysis with login passwords, but that's a stretch here, I
> think. Hmm.

So I think you'd see the directory list, but generally that's just the
file descriptor numbers.

Which is information you shouldn't have access to, but it's probably
not very *interesting* information.

I think it would be worth fixing but possibly not a very high priority.

             Linus

Follow-Ups:
- Re: [patch 142/192] procfs: allow reading fdinfo with PTRACE_MODE_READ
  - From: Eric W. Biederman

References:
- incoming
  - From: Andrew Morton
- [patch 142/192] procfs: allow reading fdinfo with PTRACE_MODE_READ
  - From: Andrew Morton
- Re: [patch 142/192] procfs: allow reading fdinfo with PTRACE_MODE_READ
  - From: Kees Cook
- Re: [patch 142/192] procfs: allow reading fdinfo with PTRACE_MODE_READ
  - From: Linus Torvalds
- Re: [patch 142/192] procfs: allow reading fdinfo with PTRACE_MODE_READ
  - From: Eric W. Biederman
- Re: [patch 142/192] procfs: allow reading fdinfo with PTRACE_MODE_READ
  - From: Kees Cook

Prev by Date: Re: [patch 142/192] procfs: allow reading fdinfo with PTRACE_MODE_READ
Next by Date: Re: incoming
Previous by thread: Re: [patch 142/192] procfs: allow reading fdinfo with PTRACE_MODE_READ
Next by thread: Re: [patch 142/192] procfs: allow reading fdinfo with PTRACE_MODE_READ
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Archive] [IETF Annouce] [DCCP] [Netdev] [Networking] [Security] [Bugtraq] [Yosemite] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Linux SCSI]