On Mon, Oct 26, 2009 at 9:01 AM, Tony Finch <d...@dotat.at> wrote: > Attacker uses openat() to open and modify the "private" file.
At least with Linux 2.6.18, you still need +x permission on the directory to access its contents using openat(2).
- Re: /proc filesystem allows ... Anton Ivanov
- Re: /proc filesystem allows ... Dan Yefimov
- Re: /proc filesystem allows ... Anton Ivanov
- Re: /proc filesystem allows ... Pavel Machek
- Re: /proc filesystem allows ... Ivan Jager
- Re: /proc filesystem allows bypassing directo... Klaus Lichtenwalder
- Re: /proc filesystem allows bypassing directory permis... Daryl Tester
- Re: /proc filesystem allows bypassing directory permis... Pavel Kankovsky
- Re: /proc filesystem allows bypassing directory p... Pavel Kankovsky
- Re: /proc filesystem allows bypassing directory permis... Tony Finch
- Re: /proc filesystem allows bypassing directory p... Matthew Dempsky
- Re: /proc filesystem allows bypassing directo... Tony Finch
- Re: /proc filesystem allows bypassing dir... Matthew Dempsky
- Re: /proc filesystem allows bypassing dir... psz
- Re: /proc filesystem allows bypassing... Glynn Clements
- Re: /proc filesystem allows bypassing directory p... psz
- Re: /proc filesystem allows bypassing directory p... Pavel Machek
- Re: Re: /proc filesystem allows bypassing directory pe... nomail
