On Wed, 8 Feb 1995, Casper Dik wrote: > > >> > >> > >> > >> >Not if "Real OS(tm)" == Linux. (which of course has the best procfs money can't > >> >buy). > >> > > >> > >> Which is why Linux procfs has tons of security holes. > >> > >> Casper > >> > > > >Such as? > > > Hm, they seem to be fix now. In early rleases the permissions > of the fd and cd and exec files weren't right. > > Now it uses some ugly hack that looks like the modes on the symlink > are 700 (lrwx------) which only seems to work on the funny symlinks > under /proc. > > Hm, it just occured to me that, as root, hijackling connections under Linux > is real simple, you just open the right /proc/pid/fd/<num> Indeed ... I don't think there really is a lack of root-able ways of getting *anything* hijacked or somesuch on *any* machine, regardless of procfs usage or not :) /----------------------------------------------------------------------\ <> Stephan K. Zitz <> My mind is my best friend... <> <> zitz@infinity.ivdev.com <> And my worst enemy... GABBPUY! <> <> Integrated Visions -- Watch out, is on its way.... <> \======================================================================/ GCS/M d-- p c++++ l+++ u++ e+ m-(++) s !n h++ f(++)* !g w+++ t+++ r+ y+(*)