Date: 28 Mar 2000 12:45:16 +0200 From: Dag-Erling Smorgrav <des@flood.ping.uio.no> To: David Malone <dwmalone@maths.tcd.ie> Cc: hackers@freebsd.org, pb@freebsd.org Subject: Re: Linprocfs observation. Message-ID: <xzpk8inv0eb.fsf@flood.ping.uio.no> In-Reply-To: David Malone's message of "Mon, 27 Mar 2000 21:01:19 %2B0100" References: <200003272101.aa58489@salmon.maths.tcd.ie>
next in thread | previous in thread | raw e-mail | index | archive | help
David Malone <dwmalone@maths.tcd.ie> writes: > I haven't checked carefully, but I expect that the linprocfs code > has the same problem as the FreeBSD procfs code, in that it can > expose suid executables which would not usually be run 'cos they > are in inaccessible directories. That is indeed correct, and a severe oversight on my part. > 2) Make the "exe" file in /linproc/pid/ a symlink to > "./private/exe", which is the file which gives > you the executables real vnode. Sounds good. I'll get to it. DES -- Dag-Erling Smorgrav - des@flood.ping.uio.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpk8inv0eb.fsf>