From: Stephen Smalley This patch, relative to the /proc/pid/attr patch against 2.5.69, fixes the mode values of the /proc/pid/attr nodes to avoid interference by the normal Linux access checks for these nodes (and also fixes the /proc/pid/attr/prev mode to reflect its read-only nature). Otherwise, when the dumpable flag is cleared by a set[ug]id or unreadable executable, a process will lose the ability to set its own attributes via writes to /proc/pid/attr due to a DAC failure (/proc/pid inodes are assigned the root uid/gid if the task is not dumpable, and the original mode only permitted the owner to write). The security module should implement appropriate permission checking in its [gs]etprocattr hook functions. In the case of SELinux, the setprocattr hook function only allows a process to write to its own /proc/pid/attr nodes as well as imposing other policy-based restrictions, and the getprocattr hook function performs a permission check between the security labels of the current process and target process to determine whether the operation is permitted. 25-akpm/fs/proc/base.c | 8 ++++---- 1 files changed, 4 insertions(+), 4 deletions(-) diff -puN fs/proc/base.c~proc-pid-attr-fix fs/proc/base.c --- 25/fs/proc/base.c~proc-pid-attr-fix Fri May 16 14:09:43 2003 +++ 25-akpm/fs/proc/base.c Fri May 16 14:09:55 2003 @@ -99,10 +99,10 @@ static struct pid_entry base_stuff[] = { }; #ifdef CONFIG_SECURITY static struct pid_entry attr_stuff[] = { - E(PROC_PID_ATTR_CURRENT, "current", S_IFREG|S_IRUGO|S_IWUSR), - E(PROC_PID_ATTR_PREV, "prev", S_IFREG|S_IRUGO|S_IWUSR), - E(PROC_PID_ATTR_EXEC, "exec", S_IFREG|S_IRUGO|S_IWUSR), - E(PROC_PID_ATTR_FSCREATE, "fscreate", S_IFREG|S_IRUGO|S_IWUSR), + E(PROC_PID_ATTR_CURRENT, "current", S_IFREG|S_IRUGO|S_IWUGO), + E(PROC_PID_ATTR_PREV, "prev", S_IFREG|S_IRUGO), + E(PROC_PID_ATTR_EXEC, "exec", S_IFREG|S_IRUGO|S_IWUGO), + E(PROC_PID_ATTR_FSCREATE, "fscreate", S_IFREG|S_IRUGO|S_IWUGO), {0,0,NULL,0} }; #endif _