The following has been reported by IBM LTC:

The /proc/<pid>/maps file for a suid program is no longer world readable

Hardware Environment:

Software Environment:

Steps to Reproduce:
1. create a suid program
2. run it
3. ls -l /proc/<pid>/maps

Actual Results: it is r--r-----

Expected Results: in previous distros, it was r--r--r--

Additional Information:
Why was this change made? When DB2 traps, this prevents us from dumping the /proc/<pid>/maps file to our trap file, thus making diagnosis of the problem more difficult.

Just checked a machine that has Beta 2 on it. It is still r--r-----
------------------------------------------------------------------------------
[root@milicent root]# ps -ef | grep inet
root      1289     1  0 Sep09 ?        00:00:00 xinetd -stayalive -pidfile /var/run/xinetd.pid
root      2228  2179  0 14:25 pts/0    00:00:00 grep inet
[root@milicent root]# ls -l /proc/1289/maps
-r--r-----    1 root     root            0 Sep 10 14:26 /proc/1289/maps
[root@milicent root]#
This is as designed; the /proc/<pid>/maps file contains security sensitive information and thus should be per user only, just like the /proc/<pid>/fd stuff is.
------ Additional Comments From jmcrae.com 2003-15-09 11:36 -------
You mentioned that only the user should see this file. In our case, it was the user that attempted to view it, just that the user had already given up its setuid privileges. Should the ownership of the maps file change to reflect this?
------ Additional Comments From khoa.com 2003-16-09 18:52 ------- Glen/Greg - we need to push RH for an answer to Jeff McRae's question. Thanks.
The same privileges as /proc/<pid>/fd apply to /proc/<pid>/maps. setuid is a special case, and the kernel generally treats such a case very, very carefully (e.g. it won't write out a coredump either), since it is assumed that the app may contain privileged information it acquired during the "root" phase of the process' lifetime.
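The behaviour Red Hat describes (no core file, /proc/<pid>/ entries owned by root rather than by the real uid) is driven by the kernel's per-process "dumpable" flag. A setuid exec clears it, and so does any later setuid()/setresuid() call that changes the process's uids; nothing sets it back when the program merely drops its privileges, which is why the reporter's process still shows root ownership after giving up setuid. The program below is an added illustration, not code from the bug report, from IBM or from Red Hat. It assumes a Linux kernel with prctl(PR_SET_DUMPABLE)/prctl(PR_GET_DUMPABLE) (present since the 2.4 series) and a mounted /proc; the function names set_dumpable, proc_entry_owner and read_maps_head are my own. It simulates the setuid state from an unprivileged process by clearing the flag, shows what /proc/self/maps looks like while it is clear, and then shows the explicit opt-in a program such as DB2 could make once the privileged phase is over.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/prctl.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Set the process "dumpable" flag and return the value the kernel now reports
 * (0 = non-dumpable, 1 = dumpable), or -1 on error. This is the flag a setuid
 * exec clears; the kernel consults it before writing a core file and when it
 * decides who owns /proc/<pid>/ and its entries. */
int set_dumpable(int flag)
{
    if (prctl(PR_SET_DUMPABLE, (unsigned long)flag, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
}

/* Report the owning uid and permission bits of a /proc entry such as
 * "/proc/self/maps". Returns 0 on success, -1 if the path cannot be stat'ed
 * (for example when /proc is not mounted). While the process is non-dumpable
 * the entry is reported as owned by root, as in the report above. */
int proc_entry_owner(const char *path, uid_t *uid, mode_t *mode)
{
    struct stat st;
    if (stat(path, &st) != 0)
        return -1;
    *uid = st.st_uid;
    *mode = st.st_mode & 07777;
    return 0;
}

/* Read the beginning of a maps file into buf. Returns the number of bytes
 * read, or -1 if the file cannot be opened or read. A process may always read
 * its own maps; a different unprivileged user cannot read a non-dumpable
 * process's maps, which is exactly what the reporter ran into. */
ssize_t read_maps_head(const char *path, char *buf, size_t len)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    ssize_t n = read(fd, buf, len - 1);
    close(fd);
    if (n < 0)
        return -1;
    buf[n] = '\0';
    return n;
}

int main(void)
{
    uid_t uid;
    mode_t mode;
    char buf[256];

    /* A real setuid binary starts life here: dumpable is already 0. We get to
     * the same state from an unprivileged process with one prctl call. */
    printf("dumpable after PR_SET_DUMPABLE 0: %d\n", set_dumpable(0));
    if (proc_entry_owner("/proc/self/maps", &uid, &mode) == 0)
        printf("  /proc/self/maps owner uid=%u mode=%04o\n",
               (unsigned)uid, (unsigned)mode);
    printf("  own maps readable: %s\n",
           read_maps_head("/proc/self/maps", buf, sizeof buf) > 0 ? "yes" : "no");

    /* Dropping privileges with setuid()/setresuid() never sets the flag back.
     * A program that has finished its privileged phase and no longer holds
     * secrets in memory has to opt in explicitly; only then do /proc/<pid>/
     * ownership and core dumps revert to the real uid. */
    printf("dumpable after PR_SET_DUMPABLE 1: %d\n", set_dumpable(1));
    if (proc_entry_owner("/proc/self/maps", &uid, &mode) == 0)
        printf("  /proc/self/maps owner uid=%u mode=%04o\n",
               (unsigned)uid, (unsigned)mode);
    return 0;
}
```

The opt-in is the practitioner's answer to the question in the thread: the ownership does not follow the uid change by itself, but the process can request it once it is sure the privileged phase left nothing sensitive behind, because re-enabling the flag exposes the whole address space (maps, and on a crash the core file) to the real uid from that point on. The permission bits printed will differ between kernel generations (the 0440 in the report is what that era's kernel used); the ownership switch between root and the real uid is the part that carries over.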
------ Additional Comments From khoa.com 2003-25-09 23:44 ------- Based on Red Hat's comment above, I'd like to reject this bug as NOTABUG. Thanks.
changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REJECTED                    |CLOSED

------- Additional Comments From yvchan.com 2005-05-24 10:41 EDT -------
closed by yyc.