1d1221f375
/proc/PID/io may be used for gathering private information. E.g. for openssh and vsftpd daemons wchars/rchars may be used to learn the precise password length. Restrict it to processes being able to ptrace the target process. ptrace_may_access() is needed to prevent keeping open file descriptor of "io" file, executing setuid binary and gathering io information of the setuid'ed process. Signed-off-by: Vasiliy Kulikov <segoon@openwall.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
---|---|---|
.. | ||
Kconfig | ||
Makefile | ||
array.c | ||
base.c | ||
cmdline.c | ||
consoles.c | ||
cpuinfo.c | ||
devices.c | ||
generic.c | ||
inode.c | ||
internal.h | ||
interrupts.c | ||
kcore.c | ||
kmsg.c | ||
loadavg.c | ||
meminfo.c | ||
mmu.c | ||
namespaces.c | ||
nommu.c | ||
page.c | ||
proc_devtree.c | ||
proc_net.c | ||
proc_sysctl.c | ||
proc_tty.c | ||
root.c | ||
softirqs.c | ||
stat.c | ||
task_mmu.c | ||
task_nommu.c | ||
uptime.c | ||
version.c | ||
vmcore.c |