[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [MiNT] Was: /proc, will be: /sys
> From: Konrad M. Kokoszkiewicz [mailto:draco@obta.uw.edu.pl]
> Sent: Monday, November 15, 1999 4:20 PM
> To: Julian Reschke
> Cc: MiNT mailing list
> Subject: RE: [MiNT] Was: /proc, will be: /sys
>
>
>
> > > In this case it would be enough to set +s AFAIK. And I
> personally don't
> > > remember any security (+ add ironic accent) things that would apply to
> > > Fcntl(), except for Fcntl(PSETFLAGS) recently (euid root is needed at
> > > securelevel > 1 to request F_OS_SPECIAL).
> >
> > Well,
> >
> > to be able to do that you have to have a filesysten which supports these
> > attributes. I still don't see why it should be forbidden for
> processes that
> > are not owned by root to inquire information about other people's
> > processes...
>
> Erm, sorry??
>
> IMHO, it is not forbidden to *inquire* anything (well, almost, but this is
> not the topic). It may be only forbidden to *setup* things. And I don't
> know about any code that simultaneously relies on securelevel value and is
> root restricted etc. that could apply to procfs ioctl(), with EXCEPT that
> it is FORBIDDEN to SET the F_OS_SPECIAL memory access for a process that
> is NOT belonging to superuser, but ONLY IF securelevel is BIGGER than 1.
The issue is that you can't Fopen a file on u:\proc unless you are root, or
it belongs to you. And if you can't open it, you can't apply an Fcntl,
right?