There's a race in the kernel, and considering the permissions on /proc/PID/{cmdline,environ} a security bug as well: If you win the race with a starting process, you can read its environment. http://lkml.org/lkml/2004/7/29/332
Might be 2.6 only fixed in 2.6.9 http://linux.bkbits.net:8080/linux-2.6/cset@412a4baaEebwtKg-X7sS2r5Mua6uGw
I believe RHEL2.1 isn't affected by this flaw and RHEL3 is only affected because of a backported patch. Moving to NEEDINFO for a kernel engineer to verify.
It looks like this was corrected for RHEL3, but RHEL21 is still vulnerable.
Created attachment 118875 [details] Backport proc_pid_cmdline() fix from RHEL3.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2006-0191.html