[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-kernel
Subject:    Re: Why are exe, cwd, and root priviledged bits of information?
From:       daw () mozart ! cs ! berkeley ! edu (David Wagner)
Date:       2002-11-07 22:44:09
[Download RAW message or body]

jw schultz  wrote:
>On Thu, Nov 07, 2002 at 11:05:21AM -0500, Daniel Jacobowitz wrote:
>> For instance:
>>   You can protect a directory by giving its parent directory no read
>> permissions.  The name of the directory is now secret.  You don't want
>> to reveal it in cwd.
>
>Daniel is correct in that the issue came up recently.  He
>gives _his_ answer above.  If you believe in security
>through obscurity you will agree with him.

Huh?  This has nothing to do with security through obscurity.
This has to do with the Unix permissions model.  /proc/pid probably
shouldn't leak information that would otherwise be kept confidential in the
standard Unix permissions model (principle of least surprise, etc.).

>I will agree that there should be no real reason to need
>access to this information.

They why is it allowed?  Allowing something that noone needs and
that breaks most people's intuitions of how security will work seems
like a pretty questionable idea.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
[prev in list] [next in list] [prev in thread] [next in thread]