From: "Albert D. Cahalan" <acahalan@cs.uml.edu>
To: linux-kernel@vger.kernel.org, akpm@osdl.org, arjan@infradead.org
Subject: [PATCH 4/4] pmap: reduced permissions
Date: Sun, 22 Jan 2006 17:19:03 -0500 (EST) [thread overview]
Message-ID: <200601222219.k0MMJ3Qg209555@saturn.cs.uml.edu> (raw)
This patch changes all 3 remaining maps files to be readable
only for the file owner. There have been privacy concerns.
Fedora Core 4 has been shipping with such permissions on
the /proc/*/maps file already. General system monitoring
tools seldom use these files.
Signed-off-by: Albert Cahalan <acahalan@gmail.com>
---
This applies to -git4, grabbed Saturday night.
diff -Naurd 3/fs/proc/base.c 4/fs/proc/base.c
--- 3/fs/proc/base.c 2006-01-22 15:23:13.000000000 -0500
+++ 4/fs/proc/base.c 2006-01-22 15:44:16.000000000 -0500
@@ -202,7 +202,7 @@
E(PROC_TGID_EXE, "exe", S_IFLNK|S_IRWXUGO),
E(PROC_TGID_MOUNTS, "mounts", S_IFREG|S_IRUGO),
#ifdef CONFIG_MMU
- E(PROC_TGID_PMAP, "pmap", S_IFREG|S_IRUGO),
+ E(PROC_TGID_PMAP, "pmap", S_IFREG|S_IRUSR),
#endif
#ifdef CONFIG_SECURITY
E(PROC_TGID_ATTR, "attr", S_IFDIR|S_IRUGO|S_IXUGO),
@@ -231,9 +231,9 @@
E(PROC_TID_CMDLINE, "cmdline", S_IFREG|S_IRUGO),
E(PROC_TID_STAT, "stat", S_IFREG|S_IRUGO),
E(PROC_TID_STATM, "statm", S_IFREG|S_IRUGO),
- E(PROC_TID_MAPS, "maps", S_IFREG|S_IRUGO),
+ E(PROC_TID_MAPS, "maps", S_IFREG|S_IRUSR),
#ifdef CONFIG_NUMA
- E(PROC_TID_NUMA_MAPS, "numa_maps", S_IFREG|S_IRUGO),
+ E(PROC_TID_NUMA_MAPS, "numa_maps", S_IFREG|S_IRUSR),
#endif
E(PROC_TID_MEM, "mem", S_IFREG|S_IRUSR|S_IWUSR),
#ifdef CONFIG_SECCOMP
next reply other threads:[~2006-01-22 22:19 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-01-22 22:19 Albert D. Cahalan [this message]
2006-01-23 6:10 ` [PATCH 4/4] pmap: reduced permissions Arjan van de Ven
2006-01-23 9:28 ` Albert Cahalan
2006-01-23 9:41 ` Arjan van de Ven
2006-01-23 10:20 ` Albert Cahalan
2006-01-25 23:47 ` Nix
2006-01-26 1:45 ` Albert Cahalan
2006-01-26 7:21 ` Arjan van de Ven
2006-01-26 7:54 ` Nix
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=200601222219.k0MMJ3Qg209555@saturn.cs.uml.edu \
--to=acahalan@cs.uml.edu \
--cc=akpm@osdl.org \
--cc=arjan@infradead.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).