diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2006-06-26 00:25:46 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-06-26 09:58:24 -0700 |
| commit | 0f2fe20f55c85f26efaf14feeb69c7c2eb3f7a75 (patch) | |
| tree | 93649d0579bed2ed43e69f03c06b325bdb0c312e /init | |
| parent | 22c2c5d75e6ad4b9ac41269476b32ba8c9fe263f (diff) | |
| download | op-kernel-dev-0f2fe20f55c85f26efaf14feeb69c7c2eb3f7a75.zip op-kernel-dev-0f2fe20f55c85f26efaf14feeb69c7c2eb3f7a75.tar.gz | |
[PATCH] proc: Properly filter out files that are not visible to a process
Long ago and far away in 2.2 we started checking to ensure the files we
displayed in /proc were visible to the current process. It was an
unsophisticated time and no one was worried about functions full of FIXMES in
a stable kernel. As time passed the function became sacred and was enshrined
in the shrine of how things have always been. The fixes came in but only to
keep the function working no one really remembering or documenting why we did
things that way.
The intent and the functionality make a lot of sense. Don't let /proc be an
access point for files a process can see no other way. The implementation
however is completely wrong.
We are currently checking the root directories of the two processes, we are
not checking the actual file descriptors themselves.
We are strangely checking with a permission method instead of just when we use
the data.
This patch fixes the logic to actually check the file descriptors and make a
note that implementing a permission method for this part of /proc almost
certainly indicates a bug in the reasoning.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'init')
0 files changed, 0 insertions, 0 deletions
