Bug 104237 - LTC4327-The /proc/<pid>/maps file for a suid program is no longer world readable
Summary: LTC4327-The /proc/<pid>/maps file for a suid program is no longer world readable
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: kernel
Version: 3.0
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Dave Jones
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2003-09-11 16:12 UTC by IBM Bug Proxy
Modified: 2015-01-04 22:03 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2004-10-26 02:14:39 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)

Description IBM Bug Proxy 2003-09-11 16:12:31 UTC 
The following has be reported by IBM LTC:  
The /proc/<pid>/maps file for a suid program is no longer world readable
Hardware Environment:


Software Environment:


Steps to Reproduce:


1.  create a suid program


2.  run it


3.  ls -l /proc/<pid>/maps




Actual Results:


it is r--r----- 


Expected Results:


in previous distros, it was r--r--r--

Additional Information:

Why was this change made?  When DB2 traps, this prevents us from dumping the 


/proc/<pid>/maps file to our trap file thus making diagnosis of the problem more


difficult.Just checked machine that has Beta 2 on it.
It is still r--r----- 
------------------------------------------------------------------------------
[root@milicent root]# ps -ef | grep inet
root      1289     1  0 Sep09 ?        00:00:00 xinetd -stayalive -
pidfile /var/run/xinetd.pid
root      2228  2179  0 14:25 pts/0    00:00:00 grep inet
[root@milicent root]# ls -l /proc/1289/maps
-r--r-----    1 root     root            0 Sep 10 14:26 /proc/1289/maps
[root@milicent root]#
Comment 1 Arjan van de Ven 2003-09-11 16:44:51 UTC 
This is as designed; the /proc/<pid>/maps file contains security sensitive
information and thus should be per user only, just like the /proc/<pid>/fd stuff is.
Comment 2 IBM Bug Proxy 2003-09-15 16:35:26 UTC 
------ Additional Comments From jmcrae.com  2003-15-09 11:36 -------
You mentioned that only the user should see this file. In our case, it was the 
user that attempted to view it, just that the user had already given up it's 
setuid priviledges.  Should the ownership of the maps file change to reflect 
this?
Comment 3 IBM Bug Proxy 2003-09-16 22:57:38 UTC 
------ Additional Comments From khoa.com  2003-16-09 18:52 -------
Glen/Greg - we need to push RH for an answer to Jeff McRae's question.
Thanks.
Comment 4 Arjan van de Ven 2003-09-17 07:06:50 UTC 
the same privileges as /proc/<pid>/fd apply to /proc/<pid>/maps
setuid is a special case and the kernel generally treats such a case very very
careful (eg it won't write out a coredump either) since it is assumed that the
app may contain privileged information it aquired during the "root" phase of the
process' lifetime.
Comment 5 IBM Bug Proxy 2003-09-26 04:04:38 UTC 
------ Additional Comments From khoa.com  2003-25-09 23:44 -------
Based on Red Hat's comment above, I'd like to reject this bug as NOTABUG.
Thanks.
Comment 6 IBM Bug Proxy 2005-05-24 14:44:33 UTC 
changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REJECTED                    |CLOSED




------- Additional Comments From yvchan.com  2005-05-24 10:41 EDT -------
closed by yyc.
Note You need to log in before you can comment on or make changes to this bug.