https://github.com/torvalds/linux
Revision f83ce3e6b02d5e48b3a43b001390e2b58820389d authored by Jake Edge on 04 May 2009, 18:51:14 UTC, committed by Linus Torvalds on 04 May 2009, 22:14:23 UTC
By using the same test as is used for /proc/pid/maps and /proc/pid/smaps, only allow processes that can ptrace() a given process to see information that might be used to bypass address space layout randomization (ASLR). These include eip, esp, wchan, and start_stack in /proc/pid/stat as well as the non-symbolic output from /proc/pid/wchan. ASLR can be bypassed by sampling eip as shown by the proof-of-concept code at http://code.google.com/p/fuzzyaslr/ As part of a presentation (http://www.cr0.org/paper/to-jt-linux-alsr-leak.pdf) esp and wchan were also noted as possibly usable information leaks as well. The start_stack address also leaks potentially useful information. Cc: Stable Team <stable@kernel.org> Signed-off-by: Jake Edge <jake@lwn.net> Acked-by: Arjan van de Ven <arjan@linux.intel.com> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
1 parent 7fdf523
Tip revision: f83ce3e6b02d5e48b3a43b001390e2b58820389d authored by Jake Edge on 04 May 2009, 18:51:14 UTC
proc: avoid information leaks to non-privileged processes
proc: avoid information leaks to non-privileged processes
Tip revision: f83ce3e
| File | Mode | Size |
|---|---|---|
| Documentation | ||
| arch | ||
| block | ||
| crypto | ||
| drivers | ||
| firmware | ||
| fs | ||
| include | ||
| init | ||
| ipc | ||
| kernel | ||
| lib | ||
| mm | ||
| net | ||
| samples | ||
| scripts | ||
| security | ||
| sound | ||
| usr | ||
| virt | ||
| .gitignore | -rw-r--r-- | 885 bytes |
| .mailmap | -rw-r--r-- | 3.9 KB |
| COPYING | -rw-r--r-- | 18.3 KB |
| CREDITS | -rw-r--r-- | 91.6 KB |
| Kbuild | -rw-r--r-- | 2.4 KB |
| MAINTAINERS | -rw-r--r-- | 144.4 KB |
| Makefile | -rw-r--r-- | 53.8 KB |
| README | -rw-r--r-- | 16.7 KB |
| REPORTING-BUGS | -rw-r--r-- | 3.1 KB |
Computing file changes ...
