'Re: [RFC][PATCH] scripts with stdin replaced'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-kernel
Subject:    Re: [RFC][PATCH] scripts with stdin replaced
From:       allbery () kf8nh ! apk ! net
Date:       1999-07-05 17:05:47
[Download RAW message or body]

On  5 Jul, Richard Guenther wrote:
+-----
|  On Mon, 5 Jul 1999, Jamie Lokier wrote:
|  >   - Open fd 3, pass /proc/self/fd/3 as the script name.
|  
|  And rewrite each program to _not_ open("/proc/self/fd/3") as
|  this is just a symlink to the real file, i.e. I could have passed
|  the filename right away.
+--->8

bzzzt.  It's not really a symlink; it's just made to look like one so
e.g . ls on /proc/*/fd behaves semi-sanely.  (Remember, /proc isn't a
normal filesystem.)

You can't apply normal symlink-replacement attacks against
/proc/self/fd/*:  the only way to alter or replace those is to modify 
the process's in-kernel file table.  It is therefore a safe way to pass
the script.

-- 
brandon s. allbery	[os/2][linux][solaris][japh]	 allbery@kf8nh.apk.net
system administrator	     [WAY too many hats]	   allbery@ece.cmu.edu
carnegie mellon / electrical and computer engineering			 KF8NH
     We are Linux. Resistance is an indication that you missed the point.


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic