Skip to content

Commit

Permalink
proc: disable mem_write after exec
Browse files Browse the repository at this point in the history 
This change makes mem_write() observe the same constraints as mem_read().  This
is particularly important for mem_write as an accidental leak of the fd across
an exec could result in arbitrary modification of the target process' memory.
IOW, /proc/pid/mem is implicitly close-on-exec.

Signed-off-by: Stephen Wilson <wilsons@start.ca>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
  • Loading branch information
Stephen Wilson authored and Al Viro committed Mar 23, 2011
1 parent 5ddd36b commit 26947f8
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions fs/proc/base.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -850,6 +850,10 @@ static ssize_t mem_write(struct file * file, const char __user *buf,
if (check_mem_permission(task))
goto out;

copied = -EIO;
if (file->private_data != (void *)((long)current->self_exec_id))
goto out;

copied = -ENOMEM;
page = (char *)__get_free_page(GFP_TEMPORARY);
if (!page)
Expand Down

0 comments on commit 26947f8

Please sign in to comment.