Re: /proc filesystem allows bypassing directory permissions on Linux

From: Dan Yefimov <dan@lightwave.net.ru>
To: Matthew Bergin <matt.bergin@hotmail.com>
Cc: bugtraq@securityfocus.com
Subject: Re: /proc filesystem allows bypassing directory permissions on Linux
Date:


On 24.10.2009 0:35, Matthew Bergin wrote:
> doesnt look like the original owner is trying to write to it. Shows it
> cant, it had guest write to it via the proc folders bad permissions.
> Looks legitimate
>
Please tell me, who issued 'chmod 0666 unwritable_file'? Was that an attacker? 
No, that was the owner of 'unwritable_file', nobody else. What the 0666 file 
mode means? It means, that everybody can write to the file, can't he? So why do 
you believe that pretension legitimate?
-- 

Sincerely Your, Dan.





Copyright © 1995-2018 LinuxRocket.net. All rights reserved.