The patch titled
proc: document why writing to /proc/pid/mem is a security hazard
has been removed from the -mm tree. Its filename was
proc-document-why-writing-to-proc-pid-mem-is-a-security-hazard.patch
This patch was dropped because it was merged into mainline or a subsystem tree
The current -mm tree may be found at http://userweb.kernel.org/~akpm/mmotm/
------------------------------------------------------
Subject: proc: document why writing to /proc/pid/mem is a security hazard
From: Stephen Wilson <wilsons@xxxxxxxx>
Signed-off-by: Stephen Wilson <wilsons@xxxxxxxx>
Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
fs/proc/base.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff -puN fs/proc/base.c~proc-document-why-writing-to-proc-pid-mem-is-a-security-hazard fs/proc/base.c
--- a/fs/proc/base.c~proc-document-why-writing-to-proc-pid-mem-is-a-security-hazard
+++ a/fs/proc/base.c
@@ -832,7 +832,11 @@ out_no_task:
#define mem_write NULL
#ifndef mem_write
-/* This is a security hazard */
+/*
+ * As implemented, mem_write would be a security hazard if enabled. For
+ * example, the target task could exec a setuid-root binary between the
+ * permission check and the write into memory.
+ */
static ssize_t mem_write(struct file * file, const char __user *buf,
size_t count, loff_t *ppos)
{
_
Patches currently in -mm which might be from wilsons@xxxxxxxx are
origin.patch
--
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
