[955] in bugtraq
Re: Request for discussion.
daemon@ATHENA.MIT.EDU (Silicon Avatar)
Thu Feb 9 22:31:44 1995
Date: Thu, 9 Feb 1995 14:49:59 -0600 (CST)
From: Silicon Avatar <zitz@infinity.ivdev.com>
To: bugtraq@fc.net
In-Reply-To: <199502081524.AA29133@mail.fwi.uva.nl>
On Wed, 8 Feb 1995, Casper Dik wrote:
>
> >>
> >>
> >>
> >> >Not if "Real OS(tm)" == Linux. (which of course has the best procfs money can't
> >> >buy).
> >> >
> >>
> >> Which is why Linux procfs has tons of security holes.
> >>
> >> Casper
> >>
> >
> >Such as?
>
>
> Hm, they seem to be fix now. In early rleases the permissions
> of the fd and cd and exec files weren't right.
>
> Now it uses some ugly hack that looks like the modes on the symlink
> are 700 (lrwx------) which only seems to work on the funny symlinks
> under /proc.
>
> Hm, it just occured to me that, as root, hijackling connections under Linux
> is real simple, you just open the right /proc/pid/fd/<num>
Indeed ... I don't think there really is a lack of root-able ways of getting
*anything* hijacked or somesuch on *any* machine, regardless of procfs usage
or not :)
/----------------------------------------------------------------------\
<> Stephan K. Zitz <> My mind is my best friend... <>
<> zitz@infinity.ivdev.com <> And my worst enemy... GABBPUY! <>
<> Integrated Visions -- Watch out, is on its way.... <>
\======================================================================/
GCS/M d-- p c++++ l+++ u++ e+ m-(++) s !n h++ f(++)* !g w+++ t+++ r+ y+(*)
