proc: disable mem_write after exec
This change makes mem_write() observe the same constraints as mem_read(). This is particularly important for mem_write as an accidental leak of the fd across an exec could result in arbitrary modification of the target process' memory. IOW, /proc/pid/mem is implicitly close-on-exec. Signed-off-by: Stephen Wilson <wilsons@start.ca> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
This commit is contained in:
parent
5ddd36b9c5
commit
26947f8c8f
@ -850,6 +850,10 @@ static ssize_t mem_write(struct file * file, const char __user *buf,
|
|||||||
if (check_mem_permission(task))
|
if (check_mem_permission(task))
|
||||||
goto out;
|
goto out;
|
||||||
|
|
||||||
|
copied = -EIO;
|
||||||
|
if (file->private_data != (void *)((long)current->self_exec_id))
|
||||||
|
goto out;
|
||||||
|
|
||||||
copied = -ENOMEM;
|
copied = -ENOMEM;
|
||||||
page = (char *)__get_free_page(GFP_TEMPORARY);
|
page = (char *)__get_free_page(GFP_TEMPORARY);
|
||||||
if (!page)
|
if (!page)
|
||||||
|
Loading…
Reference in New Issue
Block a user