|
|
BugTraq
Re: /proc filesystem allows bypassing directory permissions on Linux Oct 23 2009 09:12PM Dan Yefimov (dan lightwave net ru) (4 replies) Re: /proc filesystem allows bypassing directory permissions on Linux Oct 25 2009 09:46AM Klaus Lichtenwalder (k lichtenwalder computer org) Re: /proc filesystem allows bypassing directory permissions onLinux Oct 24 2009 06:47AM Anton Ivanov (arivanov sigsegv cx) (1 replies) Re: /proc filesystem allows bypassing directory permissions onLinux Oct 24 2009 04:19PM Dan Yefimov (dan lightwave net ru) (1 replies) Re: /proc filesystem allows bypassing directory permissionsonLinux Oct 24 2009 04:59PM Anton Ivanov (arivanov sigsegv cx) (1 replies) Re: /proc filesystem allows bypassing directory permissionsonLinux Oct 24 2009 05:39PM Dan Yefimov (dan lightwave net ru) (1 replies) Re: /proc filesystem allows bypassing directorypermissionsonLinux Oct 24 2009 06:05PM Anton Ivanov (anton ivanov kot-begemot co uk) (1 replies) Re: /proc filesystem allows bypassing directorypermissionsonLinux Oct 24 2009 06:36PM Dan Yefimov (dan lightwave net ru) (2 replies) Re: /proc filesystem allows bypassing directorypermissionsonLinux Oct 27 2009 08:59PM Ivan Jager aij+ (at) mrph (dot) org [email concealed] (aij+ mrph org) Re: /proc filesystem allows bypassingdirectorypermissionsonLinux Oct 24 2009 07:27PM Anton Ivanov (anton ivanov kot-begemot co uk) (1 replies) Re: /proc filesystem allows bypassing directory permissions onLinux Oct 29 2009 11:00AM Pavel Machek (pavel ucw cz) Re: /proc filesystem allows bypassing directory permissions on Linux Oct 23 2009 10:05PM Pavel Machek (pavel ucw cz) (2 replies) Re: /proc filesystem allows bypassing directory permissions on Linux Oct 23 2009 10:21PM Dan Yefimov (dan lightwave net ru) (1 replies) Re: /proc filesystem allows bypassing directory permissions on Linux Oct 23 2009 10:39PM Pavel Machek (pavel ucw cz) (3 replies) Re: /proc filesystem allows bypassing directory permissions on Linux Oct 26 2009 09:49PM Glynn Clements (glynn gclements plus com) Re: /proc filesystem allows bypassing directory permissions on Linux Oct 26 2009 04:05PM Tamber Penketh (james penketh googlemail com) (1 replies) Re: /proc filesystem allows bypassing directory permissions onLinux Oct 27 2009 12:55AM Pavel Machek (pavel ucw cz) Re: /proc filesystem allows bypassing directory permissions on Linux Oct 23 2009 10:55PM Dan Yefimov (dan lightwave net ru) Re: /proc filesystem allows bypassing directory permissions on Linux Oct 23 2009 09:22PM Arturo 'Buanzo' Busleiman (buanzo buanzo com ar) |
|
Privacy Statement |
Pavel Machek wrote:
>On Sat 2009-10-24 01:12:51, Dan Yefimov wrote:
>> On 24.10.2009 0:35, Matthew Bergin wrote:
>> >doesnt look like the original owner is trying to write to it. Shows it
>> >cant, it had guest write to it via the proc folders bad permissions.
>> >Looks legitimate
>> >
>> Please tell me, who issued 'chmod 0666 unwritable_file'? Was that an
>> attacker? No, that was the owner of 'unwritable_file', nobody else.
>> What the 0666 file mode means? It means, that everybody can write to
>> the file, can't he? So why do you believe that pretension
>> legitimate?
>
>Original owner did chmod 666... after making sure traditional unix
>permissions protect the file. Please look at original mail; it was
>subtle but I believe I got it right, and file would not be writable
>with /proc unmounted.
In Solaris, you don't have permission to access a file in /proc/<pid>/fd unless
you can control the process <pid>.
$ ls -l /proc/1/fd
/proc/1/fd: Permission denied
If you can control <pid>, then clearly you have access the file anyway
simply by controlling it using a debugger.
I agree with Pavel's assessment here.
Casper
[ reply ]