From: "David S. Miller" <davem@redhat.com>
To: Glenn Fowler <gsf@research.att.com>
Cc: dgk@research.att.com, linux-kernel@vger.kernel.org, netdev@oss.sgi.com
Subject: Re: kernel bug in socketpair()
Date: Wed, 23 Jul 2003 10:00:43 -0700 [thread overview]
Message-ID: <20030723100043.18d5b025.davem@redhat.com> (raw)
In-Reply-To: <200307231656.MAA69129@raptor.research.att.com>
On Wed, 23 Jul 2003 12:56:12 -0400 (EDT)
Glenn Fowler <gsf@research.att.com> wrote:
> the problem is that linux took an implementation shortcut by symlinking
> /dev/fd/N -> /proc/self/fd/N
> and by the time the kernel sees /proc/self/fd/N the "self"-ness is apparently
> lost, and it is forced to do the security checks
None of this is true. If you open /proc/self/fd/N directly the problem
is still there.
> if the /proc fd open code has access to the original /proc/PID/fd/N path
> then it can do dup(atoi(N)) when the PID is the current process without
> affecting security
If we're talking about the current process, there is no use in using
/proc/*/fd/N to open a file descriptor in the first place, you can
simply call open(N,...)
I've personally always viewed /proc/*/fd/N as a way to see who has
various files or sockets open, ie. a debugging tool, not as a generic
way for processes to get access to each other's FDs.
There is an existing mechanism, a portable non-Linux one, that you
can use to do that.
Pass the fd over a UNIX domain socket if you want that, truly.
That works on every system.
next prev parent reply other threads:[~2003-07-23 16:47 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-07-23 14:28 Re: kernel bug in socketpair() David Korn
2003-07-23 14:46 ` David S. Miller
2003-07-23 16:56 ` Glenn Fowler
2003-07-23 17:00 ` David S. Miller [this message]
2003-07-23 17:24 ` Glenn Fowler
2003-07-23 17:31 ` David S. Miller
2003-07-23 18:14 ` Glenn Fowler
2003-07-23 18:23 ` David S. Miller
2003-07-23 18:54 ` Glenn Fowler
2003-07-23 19:04 ` David S. Miller
2003-07-23 19:11 ` Glenn Fowler
2003-07-23 19:14 ` David S. Miller
2003-07-23 19:29 ` Glenn Fowler
2003-07-23 19:56 ` David S. Miller
2003-07-23 22:24 ` jw schultz
2003-07-23 19:08 ` Alan Cox
2003-07-23 19:41 ` Andreas Jellinghaus
2003-07-23 17:50 ` Alan Cox
2003-07-23 23:27 ` Bill Rugolsky Jr.
-- strict thread matches above, loose matches on Subject: below --
2003-07-23 13:32 David Korn
2003-07-23 14:04 ` David S. Miller
2003-07-23 14:20 ` Alan Cox
2003-07-23 15:36 ` David S. Miller
2003-07-23 16:13 ` Alan Cox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20030723100043.18d5b025.davem@redhat.com \
--to=davem@redhat.com \
--cc=dgk@research.att.com \
--cc=gsf@research.att.com \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.