Re: /proc filesystem allows bypassing directory permissions on L
On 24.10.2009 22:05, Anton Ivanov wrote:
> It works on Debian 2.6.26 out of the box. It is not an obscure patched
> kernel case I am afraid.
>
> If you redir an FD to a file using thus redir-ed FD in /proc allows you
> to bypass directory permissions for where the file is located.
> Thankfully, file permissions still apply so you need an app which has
> silly file perms in a bolted down directory for this.
>
> Symlinking the same file to a link on a normal ext3 or nfs filesystem as
> a sanity check shows correct permission behaviour. If you try to write
> to that symlink you get permission denied so the permissions on the fs
> actually work.
>
> No need to be root, nothing. It is not a case of "forget to drop EID or
> something else like that either". It looks like what it says on the tin
> - permission bypass.
>
> Not that I would have expected anything different considering who posted
> it in the first place.
>
Thus Debian kernel team should be blamed for that misbehaviour. Don't worry,
hardlinks behave just the same way, as you describe. Use authentic Linux
kernels, if you dislike that.
--
Sincerely Your, Dan.
討論串 (同標題文章)
完整討論串 (本文為第 1 之 2 篇):