User: Password:
|
|
Subscribe / Log in / New account

/proc and directory permissions

/proc and directory permissions

Posted Oct 30, 2009 3:26 UTC (Fri) by jimparis (subscriber, #38647)
In reply to: /proc and directory permissions by giraffedata
Parent article: /proc and directory permissions

> The scenarios show an attacker opening read-only and then escalating to
> read-write after some permissions were changed

No it didn't. No permissions were changed between the time the attacker had a read-only fd and when the attacker managed to get a read-write fd.

- The attacker could not open the file (neither read-only nor read-write)
- The superuser gave the attacker a read-only handle to the file
- The attacker turned it into a read-write handle

No permissions changes were involved, this is not a race condition.


(Log in to post comments)


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds