1
linux/fs/proc
Vasiliy Kulikov 1d1221f375 proc: restrict access to /proc/PID/io
/proc/PID/io may be used for gathering private information.  E.g.  for
openssh and vsftpd daemons wchars/rchars may be used to learn the
precise password length.  Restrict it to processes being able to ptrace
the target process.

ptrace_may_access() is needed to prevent keeping open file descriptor of
"io" file, executing setuid binary and gathering io information of the
setuid'ed process.

Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2011-06-28 09:39:11 -07:00
..
array.c proc: constify status array 2011-05-26 17:12:36 -07:00
base.c proc: restrict access to /proc/PID/io 2011-06-28 09:39:11 -07:00
cmdline.c
consoles.c console: rename acquire/release_console_sem() to console_lock/unlock() 2011-01-26 10:50:06 +10:00
cpuinfo.c
devices.c
generic.c airo: correct proc entry creation interfaces 2011-05-16 14:25:28 -04:00
inode.c ns: proc files for namespace naming policy. 2011-05-10 14:31:44 -07:00
internal.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/linux-2.6-nsfd 2011-05-25 18:10:16 -07:00
interrupts.c
Kconfig kconfig: rename CONFIG_EMBEDDED to CONFIG_EXPERT 2011-01-20 17:02:05 -08:00
kcore.c
kmsg.c
loadavg.c
Makefile ns: proc files for namespace naming policy. 2011-05-10 14:31:44 -07:00
meminfo.c
mmu.c
namespaces.c proc: Fix Oops on stat of /proc/<zombie pid>/ns/net 2011-06-15 14:35:29 -07:00
nommu.c
page.c thp: remove PG_buddy 2011-01-13 17:32:43 -08:00
proc_devtree.c of/flattree: Drop an uninteresting message to pr_debug level 2011-03-02 13:45:18 -07:00
proc_net.c
proc_sysctl.c proc_sys_permission() is OK in RCU mode 2011-06-20 10:45:25 -04:00
proc_tty.c
root.c fix leak in proc_set_super() 2011-06-12 17:45:28 -04:00
softirqs.c
stat.c proc/stat: use defined macro KMALLOC_MAX_SIZE 2011-05-26 17:12:37 -07:00
task_mmu.c proc: fix pagemap_read() error case 2011-05-26 17:12:37 -07:00
task_nommu.c report errors in /proc/*/*map* sanely 2011-03-23 16:36:50 -04:00
uptime.c
version.c
vmcore.c fs/proc/vmcore.c: add hook to read_from_oldmem() to check for non-ram pages 2011-05-26 17:12:37 -07:00