Subject: Re: new mremap(2): relax alignment restrictions?
To: Eric Haszlakiewicz <erh@nimenees.com>
From: Simon 'corecode' Schubert <corecode@fs.ei.tum.de>
List: tech-kern
Date: 07/27/2007 00:32:29
Eric Haszlakiewicz wrote:
> On Wed, Jul 25, 2007 at 10:57:53PM -0700, Bill Stouder-Studenmund wrote:
>> We should check, but I doubt there is a security issue here. All you're
>> going to find is anything extra you scribbled while the page was in cache.
>> And you have to have write access to do that, so you could have written
>> the file anyway.
>
> Sure, but anyone with read access can see that data. You don't need write
> access for that. You can even do it with cp:
But the writer is not supposed to write there in the first place! But even if this is a bug in the writer (writing after the end of the (mapped) file), it is still writing to a file which can be read by users with the appropriate permissions. I don't really see a security problem there.
cheers
simon
--
Serve - BSD +++ RENT this banner advert +++ ASCII Ribbon /"\
Work - Mac +++ space for low €€€ NOW!1 +++ Campaign \ /
Party Enjoy Relax | http://dragonflybsd.org Against HTML \
Dude 2c 2 the max ! http://golden-apple.biz Mail + News / \