[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-kernel
Subject:    Re: Why are exe, cwd, and root priviledged bits of information?
From:       Daniel Jacobowitz <dan () debian ! org>
Date:       2002-11-07 22:28:54
[Download RAW message or body]

On Thu, Nov 07, 2002 at 02:16:15PM -0800, jw schultz wrote:
> On Thu, Nov 07, 2002 at 11:05:21AM -0500, Daniel Jacobowitz wrote:
> > On Thu, Nov 07, 2002 at 10:57:06AM -0500, Calin A. Culianu wrote:
> > > 
> > > In the /prod/PID subset of procfs, why are the exe, cwd, and root symlinks
> > > considered priviledged information?
> > > 
> > > Exe is the big one for me, as this one can be usually infered from reading
> > > /prod/PID/maps.  Root I guess can't be inferred in any unpriviledged way,
> > > and neither can cwd.  At any rate.. I am not sure behind the philosophy to
> > > make these symlinks' destinations priviledged...  can someone clarify
> > > this?
> > 
> > This came up a little while ago.  The answer is that maps should be
> > priviledged also.
> > 
> > For instance:
> >   You can protect a directory by giving its parent directory no read
> > permissions.  The name of the directory is now secret.  You don't want
> > to reveal it in cwd.
> > 
> 
> Daniel is correct in that the issue came up recently.  He
> gives _his_ answer above.  If you believe in security
> through obscurity you will agree with him.  I don't.
> I will agree that there should be no real reason to need
> access to this information.
> 
> With ACLs you will be able to explicitly grant access and
> you won't have to depend on keeping shared info secret.
> Then this will be less of an issue.

I recommend you go think about what security through obscurity actually
_means_.  If you think that an unreadable directory and a
randomly-generated subdirectory is security through obscurity, then in
what way is it actually different from a _password_?  That's what it
is.

Yes, this is poor-man's-ACLs.  It works in a lot of places when ACLs
won't.  For instance, an anonymous FTP server...

-- 
Daniel Jacobowitz
MontaVista Software                         Debian GNU/Linux Developer
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
[prev in list] [next in list] [prev in thread] [next in thread]