David Malone <[EMAIL PROTECTED]> writes:
> I haven't checked carefully, but I expect that the linprocfs code
> has the same problem as the FreeBSD procfs code, in that it can
> expose suid executables which would not usually be run 'cos they
> are in inaccessible directories.
That is indeed corre
In message <[EMAIL PROTECTED]> David Malone writes:
: The "file" file was removed from FreeBSD's /proc code (in 4.0 and
: 5.0) because of this, but it is probably important for Linux
: emulation so it can't really be removed from the linprocfs code.
: I guess this probably warrants at least a note
In message <[EMAIL PROTECTED]> David Malone writes:
: > File was removed because it was a huge, gaping security hole. It was
: > effectively hard link to the file in question and circumvented some of
: > the usual security protections that the file would otherwise be
: > protected by.
:
: I know
> File was removed because it was a huge, gaping security hole. It was
> effectively hard link to the file in question and circumvented some of
> the usual security protections that the file would otherwise be
> protected by.
I know - AFAIK I was the one who reported it ;-)
> : Linux itself is
I notice that we've just gained a linprocfs which aims to provide
a Linux style procfs for the Linux binary compatibility stuff. It
looks quite neat, and provides lots of the odd files those linux
programs go looking for. However...
I haven't checked carefully, but I expect that the linprocfs cod
5 matches
Mail list logo
