Candidate:
Description:
 file permissions can be circumvented via information in /proc
References:
 http://securityfocus.com/archive/1/507386/30/30/threaded
 http://lwn.net/Articles/359219
Notes:
 from discussion on bugtraq, it appears that this problem is exposed because of
 some debian-specific patches (upstream is not affected).  at this point, i am
 noting the issue because there appears to be something to it, but i have not
 studied it in detail nor verified any claims.
 .
 dannf> I don't see anything debian-specific about it. I can reproduce on 2.6.32
        and RHEL5.
Bugs:
upstream: ignored "no upstream fix"
linux-2.6: ignored "no upstream fix"
2.6.18-etch-security: ignored "no upstream fix"
2.6.24-etch-security: ignored "no upstream fix"
2.6.26-lenny-security: ignored "no upstream fix"