kernel-aes67/Documentation/filesystems
Kees Cook 5096add84b proc: maps protection
The /proc/pid/ "maps", "smaps", and "numa_maps" files contain sensitive
information about the memory location and usage of processes.  Issues:

- maps should not be world-readable, especially if programs expect any
  kind of ASLR protection from local attackers.
- maps cannot just be 0400 because "-D_FORTIFY_SOURCE=2 -O2" makes glibc
  check the maps when %n is in a *printf call, and a setuid(getuid())
  process wouldn't be able to read its own maps file.  (For reference
  see http://lkml.org/lkml/2006/1/22/150)
- a system-wide toggle is needed to allow prior behavior in the case of
  non-root applications that depend on access to the maps contents.

This change implements a check using "ptrace_may_attach" before allowing
access to read the maps contents.  To control this protection, the new knob
/proc/sys/kernel/maps_protect has been added, with corresponding updates to
the procfs documentation.

[akpm@linux-foundation.org: build fixes]
[akpm@linux-foundation.org: New sysctl numbers are old hat]
Signed-off-by: Kees Cook <kees@outflux.net>
Cc: Arjan van de Ven <arjan@infradead.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2007-05-08 11:15:02 -07:00
..
configfs
9p.txt 9p: implement optional loose read cache 2007-02-18 10:16:10 -06:00
00-INDEX 9p: implement optional loose read cache 2007-02-18 10:16:10 -06:00
adfs.txt
affs.txt
afs.txt [AFS]: Update the AFS fs documentation. 2007-04-26 15:57:43 -07:00
automount-support.txt
befs.txt
bfs.txt [PATCH] update Tigran's email addresses 2006-12-13 09:05:53 -08:00
cifs.txt
coda.txt
cramfs.txt
dentry-locking.txt
directory-locking
dlmfs.txt
Exporting
ext2.txt
ext3.txt
ext4.txt
files.txt
fuse.txt [PATCH] fuse: fix typo 2006-12-30 10:56:45 -08:00
gfs2.txt
hfs.txt
hpfs.txt
inotify.txt
isofs.txt
jfs.txt
Locking [PATCH] NFS: Fix race in nfs_release_page() 2007-01-11 18:18:21 -08:00
ncpfs.txt
ntfs.txt NTFS: 2.1.28 - Fix deadlock reported by Sergey Vlasov due to ntfs_put_inode(). 2007-01-18 09:42:48 +00:00
ocfs2.txt
porting
proc.txt proc: maps protection 2007-05-08 11:15:02 -07:00
ramfs-rootfs-initramfs.txt
relay.txt [PATCH] Relay: add CPU hotplug support 2007-02-11 10:51:28 -08:00
romfs.txt
smbfs.txt
spufs.txt
sysfs-pci.txt Fix typos concerning hierarchy 2007-02-17 19:23:03 +01:00
sysfs.txt
sysv-fs.txt
tmpfs.txt
udf.txt
ufs.txt [PATCH] ufs2 write: mount as rw 2007-02-12 09:48:40 -08:00
vfat.txt
vfs.txt [PATCH] fs: fix libfs data leak 2007-02-20 17:10:15 -08:00
xfs.txt
xip.txt