linux/fs
Eric W. Biederman 0f2fe20f55 [PATCH] proc: Properly filter out files that are not visible to a process
Long ago and far away in 2.2 we started checking to ensure the files we
displayed in /proc were visible to the current process.  It was an
unsophisticated time and no one was worried about functions full of FIXMES in
a stable kernel.  As time passed the function became sacred and was enshrined
in the shrine of how things have always been.  The fixes came in but only to
keep the function working no one really remembering or documenting why we did
things that way.

The intent and the functionality make a lot of sense.  Don't let /proc be an
access point for files a process can see no other way.  The implementation
however is completely wrong.

We are currently checking the root directories of the two processes, we are
not checking the actual file descriptors themselves.

We are strangely checking with a permission method instead of just when we use
the data.

This patch fixes the logic to actually check the file descriptors and make a
note that implementing a permission method for this part of /proc almost
certainly indicates a bug in the reasoning.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-06-26 09:58:24 -07:00
..
9p Merge git://git.linux-nfs.org/pub/linux/nfs-2.6 2006-06-25 10:54:14 -07:00
adfs [PATCH] VFS: Permit filesystem to perform statfs with a known root dentry 2006-06-23 07:42:45 -07:00
affs [PATCH] fix %s in affs_fill_super() 2006-06-25 10:01:22 -07:00
afs [PATCH] fs: use list_move() 2006-06-26 09:58:18 -07:00
autofs [PATCH] VFS: Permit filesystem to override root dentry on mount 2006-06-23 07:42:45 -07:00
autofs4 [PATCH] fs: use list_move() 2006-06-26 09:58:18 -07:00
befs [PATCH] VFS: Permit filesystem to perform statfs with a known root dentry 2006-06-23 07:42:45 -07:00
bfs [PATCH] VFS: Permit filesystem to perform statfs with a known root dentry 2006-06-23 07:42:45 -07:00
cifs Merge branch 'master' of /home/trondmy/kernel/linux-2.6/ 2006-06-24 13:07:53 -04:00
coda [PATCH] use list_add_tail() instead of list_add() 2006-06-26 09:58:17 -07:00
configfs [PATCH] fs: use list_move() 2006-06-26 09:58:18 -07:00
cramfs [PATCH] read_mapping_page for address space 2006-06-23 07:43:02 -07:00
debugfs Merge branch 'master' of /home/trondmy/kernel/linux-2.6/ 2006-06-24 13:07:53 -04:00
devfs [PATCH] VFS: Permit filesystem to override root dentry on mount 2006-06-23 07:42:45 -07:00
devpts [PATCH] VFS: Permit filesystem to override root dentry on mount 2006-06-23 07:42:45 -07:00
efs [PATCH] VFS: Permit filesystem to perform statfs with a known root dentry 2006-06-23 07:42:45 -07:00
exportfs [PATCH] NFS server subtree_check returns dubious value 2006-05-21 12:59:16 -07:00
ext2 [PATCH] ext2: cleanup: put_page and comment fix 2006-06-25 10:01:25 -07:00
ext3 [PATCH] ext3: Add "-o bh" option 2006-06-26 09:58:20 -07:00
fat [PATCH] fs/fat/misc.c: unexport fat_sync_bhs 2006-06-23 07:43:03 -07:00
freevxfs [PATCH] fs/freevxfs: cleanup of spelling errors 2006-06-25 10:01:01 -07:00
fuse Merge git://git.linux-nfs.org/pub/linux/nfs-2.6 2006-06-25 10:54:14 -07:00
hfs [PATCH] read_mapping_page for address space 2006-06-23 07:43:02 -07:00
hfsplus [PATCH] read_mapping_page for address space 2006-06-23 07:43:02 -07:00
hostfs [PATCH] VFS: Permit filesystem to perform statfs with a known root dentry 2006-06-23 07:42:45 -07:00
hpfs [PATCH] VFS: Permit filesystem to perform statfs with a known root dentry 2006-06-23 07:42:45 -07:00
hppfs [PATCH] VFS: Permit filesystem to perform statfs with a known root dentry 2006-06-23 07:42:45 -07:00
hugetlbfs [PATCH] tightening hugetlb strict accounting 2006-06-23 07:42:48 -07:00
isofs [PATCH] VFS: Permit filesystem to perform statfs with a known root dentry 2006-06-23 07:42:45 -07:00
jbd [PATCH] ext3: fix memory leak when the journal file is corrupted 2006-06-25 10:01:07 -07:00
jffs [PATCH] VFS: Permit filesystem to perform statfs with a known root dentry 2006-06-23 07:42:45 -07:00
jffs2 [PATCH] fs: use list_move() 2006-06-26 09:58:18 -07:00
jfs [PATCH] read_mapping_page for address space 2006-06-23 07:43:02 -07:00
lockd NLM: Fix reclaim races 2006-06-09 09:40:27 -04:00
minix [PATCH] read_mapping_page for address space 2006-06-23 07:43:02 -07:00
msdos [PATCH] VFS: Permit filesystem to override root dentry on mount 2006-06-23 07:42:45 -07:00
ncpfs [PATCH] VFS: Permit filesystem to perform statfs with a known root dentry 2006-06-23 07:42:45 -07:00
nfs Fix NFS2 compile error 2006-06-25 12:30:33 -07:00
nfs_common [PATCH] nfsacl: Solaris VxFS compatibility fix 2005-10-11 09:46:54 -07:00
nfsd [PATCH] fs: use list_move() 2006-06-26 09:58:18 -07:00
nls [PATCH] fs: Use ARRAY_SIZE macro 2006-03-24 07:33:19 -08:00
ntfs [PATCH] Prepare for __copy_from_user_inatomic to not zero missed bytes 2006-06-25 10:01:09 -07:00
ocfs2 [PATCH] fs: use list_move() 2006-06-26 09:58:18 -07:00
openpromfs [PATCH] openpromfs: factorize out 2006-06-25 10:01:05 -07:00
partitions [PATCH] make kernel warn about incorrectly sized partitions 2006-06-23 07:43:09 -07:00
proc [PATCH] proc: Properly filter out files that are not visible to a process 2006-06-26 09:58:24 -07:00
qnx4 [PATCH] VFS: Permit filesystem to perform statfs with a known root dentry 2006-06-23 07:42:45 -07:00
ramfs [PATCH] VFS: Permit filesystem to override root dentry on mount 2006-06-23 07:42:45 -07:00
reiserfs [PATCH] reiserfs: remove reiserfs_aio_write() 2006-06-26 09:58:19 -07:00
romfs [PATCH] VFS: Permit filesystem to perform statfs with a known root dentry 2006-06-23 07:42:45 -07:00
smbfs [PATCH] fs: use list_move() 2006-06-26 09:58:18 -07:00
sysfs [PATCH] core: use list_move() 2006-06-26 09:58:17 -07:00
sysv [PATCH] read_mapping_page for address space 2006-06-23 07:43:02 -07:00
udf [PATCH] VFS: Permit filesystem to perform statfs with a known root dentry 2006-06-23 07:42:45 -07:00
ufs [PATCH] fs/ufs/inode.c: make 2 functions static 2006-06-25 10:01:04 -07:00
vfat [PATCH] VFS: Permit filesystem to override root dentry on mount 2006-06-23 07:42:45 -07:00
xfs [PATCH] xfs: update ->flush method proto 2006-06-25 17:43:32 -07:00
aio.c [PATCH] list: use list_replace_init() instead of list_splice_init() 2006-06-23 07:43:07 -07:00
attr.c [PATCH] capable/capability.h (fs/) 2006-01-11 18:42:13 -08:00
bad_inode.c [PATCH] Make most file operations structs in fs/ const 2006-03-28 09:16:06 -08:00
binfmt_aout.c [PATCH] dump_thread() cleanup 2006-01-10 08:01:25 -08:00
binfmt_elf_fdpic.c [PATCH] frv: binfmt_elf_fdpic __user annotations 2006-06-23 07:42:54 -07:00
binfmt_elf.c [PATCH] binflt_elf: remove more casts 2006-06-23 07:43:05 -07:00
binfmt_em86.c
binfmt_flat.c [PATCH] uclinux: use PER_LINUX_32BIT in binfmt_flat 2006-06-25 21:04:24 -07:00
binfmt_misc.c Merge branch 'master' of /home/trondmy/kernel/linux-2.6/ 2006-06-24 13:07:53 -04:00
binfmt_script.c
binfmt_som.c [PATCH] mm: mm_init set_mm_counters 2005-10-29 21:40:38 -07:00
bio.c [PATCH] Fix missing ret assignment in __bio_map_user() error path 2006-06-17 10:52:12 -07:00
block_dev.c [PATCH] VFS: Permit filesystem to override root dentry on mount 2006-06-23 07:42:45 -07:00
buffer.c [PATCH] Kill PF_SYNCWRITE flag 2006-06-23 17:10:39 +02:00
char_dev.c [PATCH] Simplify proc/devices and fix early termination regression 2006-03-31 12:18:53 -08:00
compat_ioctl.c [PATCH] i4l: Gigaset drivers: add IOCTLs to compat_ioctl.h 2006-06-26 09:58:23 -07:00
compat.c [PATCH] VFS: Permit filesystem to perform statfs with a known root dentry 2006-06-23 07:42:45 -07:00
dcache.c [PATCH] core: use list_move() 2006-06-26 09:58:17 -07:00
dcookies.c [PATCH] Use __read_mostly on some hot fs variables 2006-03-26 08:56:56 -08:00
direct-io.c [PATCH] Kill PF_SYNCWRITE flag 2006-06-23 17:10:39 +02:00
dnotify.c [PATCH] Use __read_mostly on some hot fs variables 2006-03-26 08:56:56 -08:00
dquot.c [PATCH] use list_add_tail() instead of list_add() 2006-06-26 09:58:17 -07:00
drop_caches.c [PATCH] drop-pagecache 2006-01-08 20:12:40 -08:00
eventpoll.c [PATCH] epoll: use unlocked wqueue operations 2006-06-25 10:01:13 -07:00
exec.c [PATCH] remove steal_locks() 2006-06-22 15:05:57 -07:00
fcntl.c BUG_ON() Conversion in fs/fcntl.c 2006-04-02 13:37:19 +02:00
fifo.c [PATCH] pipe.c/fifo.c code cleanups 2006-04-11 13:53:33 +02:00
file_table.c [PATCH] percpu counter data type changes to suppport more than 2**31 ext3 free blocks counter 2006-06-23 07:43:06 -07:00
file.c [PATCH] for_each_possible_cpu: fixes for generic part 2006-03-28 09:16:05 -08:00
filesystems.c [PATCH] fix missing includes 2005-10-30 17:37:32 -08:00
fs-writeback.c [PATCH] Kill PF_SYNCWRITE flag 2006-06-23 17:10:39 +02:00
inode.c BUG_ON() Conversion in fs/inode.c 2006-04-02 13:38:18 +02:00
inotify_user.c [PATCH] VFS: Permit filesystem to override root dentry on mount 2006-06-23 07:42:45 -07:00
inotify.c [PATCH] inotify (4/5): allow watch removal from event handler 2006-06-20 05:25:19 -04:00
ioctl.c [PATCH] capable/capability.h (fs/) 2006-01-11 18:42:13 -08:00
ioprio.c [PATCH] lsm: add task_setioprio hook 2006-06-23 07:42:53 -07:00
Kconfig [PATCH] nfsd kconfig: select things at the closest tristate instead of bool 2006-06-26 09:58:23 -07:00
Kconfig.binfmt [PATCH] frv: suppress configuration of certain features for FRV 2006-01-08 20:13:36 -08:00
libfs.c [PATCH] core: use list_move() 2006-06-26 09:58:17 -07:00
locks.c [PATCH] fs/locks.c: make posix_locks_deadlock() static 2006-06-23 07:43:03 -07:00
Makefile [PATCH] inotify (1/5): split kernel API from userspace support 2006-06-20 05:25:17 -04:00
mbcache.c [PATCH] Typo fixes 2006-03-28 09:16:08 -08:00
mpage.c [PATCH] writeback: fix range handling 2006-06-23 07:42:49 -07:00
namei.c [PATCH] Implement AT_SYMLINK_FOLLOW flag for linkat 2006-06-25 10:01:22 -07:00
namespace.c [PATCH] core: use list_move() 2006-06-26 09:58:17 -07:00
nfsctl.c [PATCH] fs: Use ARRAY_SIZE macro 2006-03-24 07:33:19 -08:00
open.c [PATCH] ftruncate does not always update m/ctime 2006-06-25 10:01:15 -07:00
pipe.c [PATCH] VFS: Permit filesystem to override root dentry on mount 2006-06-23 07:42:45 -07:00
pnode.c [PATCH] core: use list_move() 2006-06-26 09:58:17 -07:00
pnode.h [PATCH] unbindable mounts 2005-11-07 18:18:11 -08:00
posix_acl.c [PATCH] gfp flags annotations - part 1 2005-10-08 15:00:57 -07:00
quota_v1.c
quota_v2.c [PATCH] sem2mutex: quota 2006-03-23 07:38:11 -08:00
quota.c [PATCH] sem2mutex: quota 2006-03-23 07:38:11 -08:00
read_write.c [PATCH] splice: unlikely() optimizations 2006-04-11 13:56:09 +02:00
readdir.c [PATCH] mutex subsystem, semaphore to mutex: VFS, ->i_sem 2006-01-09 15:59:24 -08:00
select.c [PATCH] fs: sys_poll with timeout -1 bug fix 2006-06-25 10:01:22 -07:00
seq_file.c [PATCH] sem2mutex: fs/seq_file.c 2006-03-23 07:38:12 -08:00
splice.c [PATCH] splice: retrieve mapping after locking the page 2006-06-23 17:10:39 +02:00
stat.c [PATCH] powerpc: Wire up *at syscalls 2006-04-28 21:04:59 +10:00
super.c Merge branch 'master' of /home/trondmy/kernel/linux-2.6/ 2006-06-24 13:07:53 -04:00
sync.c [PATCH] writeback: fix range handling 2006-06-23 07:42:49 -07:00
xattr_acl.c
xattr.c [PATCH] log more info for directory entry change events 2006-06-20 05:25:28 -04:00