| New User, Welcome! Login |
Re: /proc filesystem allows bypassing directory permissions on Linux
| From: |
Joel Maslak <jmaslak antelope net> |
| To: |
Pavel Machek <pavel ucw cz> |
| Cc: |
"bugtraq securityfocus com" <bugtraq securityfocus com> |
| Subject: |
Re: /proc filesystem allows bypassing directory permissions on Linux |
| Date: |
Mon - Oct 26, 2009 11:03 AM |
On Oct 23, 2009, at 3:56 PM, Pavel Machek <pavel@ucw.cz> wrote:
> Demonstrate how to get access to the file with /proc unmounted and you
> have a point. Demonstrate how to get access on anything else then
> Linux and you have a point. Otherwise there's a security hole.
If the directory is mounted via NFS or is exported there are several
ways...so software written to assume directory permissions are
sufficent to protect users from other unpriveliged users is broken in
general. Even if it is usually secure enough on non-Linux. It is not
always.
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
