From: Konrad Rzeszutek <konradr@redhat.com>
Subject: [RHEL5 PATCH] 221173 - setuid program unable to read its own /proc/pid/maps file after giving up root privileges
Date: Fri, 12 Jan 2007 13:40:48 -0500
Bugzilla: 221173
Message-Id: <20070112184048.GA17525@dyn448102.cambridge.ibm.com>
Changelog: [fs] setuid program unable to read own /proc/pid/maps file


RHBZ#:
------
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=221173

Description:
------------
Set-uid programs cannot read their own /proc/pid/maps file
after giving up root privilege.


RHEL Version Found:
------------------
RHEL5 RC1.

Upstream Status:
----------------
In 2.6.19, in RHEL4 U5, in FC6 and rawhide.

Test Status:
------------
Tested on a machine without the patch and with the patch. Without the patch
test program cannot read the /proc/pid/map. With the patch the test
program can read /proc/pid/map.

Proposed Patch:
---------------
This patch is based on 2.6.18-1.3002

diff -uNpr linux-2.6.18.i686.orig/fs/proc/base.c linux-2.6.18.i686/fs/proc/base.c
--- linux-2.6.18.i686.orig/fs/proc/base.c	2007-01-12 11:22:15.000000000 -0500
+++ linux-2.6.18.i686/fs/proc/base.c	2007-01-12 11:23:37.000000000 -0500
@@ -208,7 +208,7 @@ static struct pid_entry tgid_base_stuff[
 	E(PROC_TGID_CMDLINE,   "cmdline", S_IFREG|S_IRUGO),
 	E(PROC_TGID_STAT,      "stat",    S_IFREG|S_IRUGO),
 	E(PROC_TGID_STATM,     "statm",   S_IFREG|S_IRUGO),
-	E(PROC_TGID_MAPS,      "maps",    S_IFREG|S_IRUSR),
+	E(PROC_TGID_MAPS,      "maps",    S_IFREG|S_IRUGO),
 #ifdef CONFIG_NUMA
 	E(PROC_TGID_NUMA_MAPS, "numa_maps", S_IFREG|S_IRUGO),
 #endif
-- 
Konrad Rzeszutek 1-(978)-392-3903 or 1-(617)-693-1718
IBM on-site partner.