|
Description
|
From an lx branded zone:
-bash-2.05b# ls -l /proc/self/fd/
ls: cannot read symbolic link /proc/self/fd/0: Invalid argument
ls: cannot read symbolic link /proc/self/fd/1: Invalid argument
ls: cannot read symbolic link /proc/self/fd/2: Invalid argument
total 0
lrwx------ 1 root root 0 Jul 24 14:31 0
lrwx------ 1 root root 0 Jul 24 14:31 1
lrwx------ 1 root root 0 Jul 24 14:31 2
lrwx------ 1 root root 0 Jul 24 14:31 3 -> /proc/147291/fd
File descriptors should be pointing to /dev/pts/1.
in the case of a shell running in a pseudo terminal, /proc/self/fd links
should point to the pts device associated with the terminal. so if you're
logged in on pts/0 then /proc/self/fd/[012] will usually point to /dev/pts/0,
if you're logged into pts/1 then /proc/self/fd[012] will usually point to
/dev/pts/1.
the fact that the /proc/self/fd/ links are broken seems bad. i'm wondering
if this only occurs for zlogin processes and not ssh/telnet/etc, or perhaps
vice-versa? what about screen and xterm?
Also, root does not have access to proc directories owned by other users:
root@unbearable:/proc/137134$ ls -dl fd
dr-x------ 1 eh208807 eh208807 0 2007-07-30 12:52 fd
root@unbearable:/proc/137134$ ls fd
ls: fd: Permission denied
Root causes:
The readlink function is explicitly checking that the symbolic links point either to regular files or directories and returns an error code for everything else.
The access function does not properly respect the proc_access privileges.
|