Hello !
There seems to be anoter /proc race in the 2.2.1 linux kernel.
I will explain this with an example:
modprobe coda.o # will load coda.o as dynamically module
# the kernel will create a /proc/fs/coda directory
# on the fly.
cd /proc/fs/coda # make shell chdir("/proc/fs/coda")
rmmod coda.o # works ! (shouldn't)
ls -l # generate a oops.
after this, the coda.o module seems not to work at all. Maybe this is a
systematic problem of more than one driver. I am not a kernel hacker, so I
can't check all kernel modules for this kind of problem.
Since a user can control the whole process I think has security
implications.
A user can trigger a "modprobe module" command using the kerneld (oh, its
called kmod now...) mechanism.
A user can chdir /proc/fs/coda.
If the system has implemented the cron job as suggested in
linux/Documentation/kmod.txt the user has just to wait with
wd=/proc/fs/code to crash the system.
Kind regards,
Richard
------
"One day, computer power will eventually outstrip demand, and OS engineers
will be free to use friendly languages like LISP again.. until then, I
think we're stuck with C." -- Oliver Xymoro
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:32:21 PDT