The following patches make /proc/*/{stack,syscall,personality,pagemap}
0400.These files contain sensitive information that can be used by an unprivileged process to leak address space and bypass ASLR. This is a resend, the original discussion: https://lkml.org/lkml/2013/8/26/354 Ended by confirming this, and Kees Cook Acked the first patch. Kees Cook also confirmed the security exposure here: https://lkml.org/lkml/2013/8/28/564 So these patches only restore the original 0400 mode that will make the VFS able to block unprivileged processes from getting file descriptors on arbitrary privileged /proc/*/{stack,syscall,personality,pagemap} files. >From the first discussion no one picked the patches, so I included them in the "procfs: protect /proc/*/* entries with file->f_cred" series: https://lkml.org/lkml/2013/10/1/371 However, that attempt failed to have a general aggreemnt, so I'm resending again but _only_ those two patches. At least we have a VFS protection for now. Djalal Harouni (2): procfs: make /proc/*/{stack,syscall,personality} 0400 procfs: make /proc/*/pagemap 0400 fs/proc/base.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
