Conversation

Notices

1. Embed this notice
   Drew DeVault (drewdevault@fosstodon.org)'s status on Friday, 05-Jan-2024 21:20:14 JST Drew DeVault

   I just learned that O_RDONLY is a lie on Linux because you can just open /proc/self/fd/whatever with O_RDWR to change the mode

   That's fucking gross man

   • Haelwenn /элвэн/ :triskell: likes this.
   • Embed this notice
     Drew DeVault (drewdevault@fosstodon.org)'s status on Friday, 05-Jan-2024 21:21:07 JST Drew DeVault

     in reply to

     • Taxo Rubio:wq

     @taxorubio it does not require escalated privileges!

     The context is that I have a subprocess which holds onto root in order to open specific files for the main process, which is not root for security reasons. The root process opens them O_RDONLY and passes them to the non-root process via cmsg(3).. which can then open /proc/self/fd/<fd> as O_RDWR and gain write access to that file.

     Haelwenn /элвэн/ :triskell: likes this.
   • Embed this notice
     Taxo Rubio:wq (taxorubio@fosstodon.org)'s status on Friday, 05-Jan-2024 21:21:08 JST Taxo Rubio:wq

     in reply to

     @drewdevault But you would require escalated privileges to set the file descriptor's flags right? So I guess that if the OS won't let you open a file with write permissions, it won't let you change the flags for the same reason and in order to change them you would need the permissions that would have let you write into the file in the first place 🤔

   • Embed this notice
     Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Friday, 05-Jan-2024 21:23:21 JST Haelwenn /элвэн/ :triskell:

     in reply to

     • Taxo Rubio:wq
     @drewdevault @taxorubio So fd-passing on linux is broken if you expect restricted permissions like read-only? Or it's just a bad planet alignment?