proc: avoid information leaks to non-privileged processes

(backported from 2.6 commit f83ce3e6b02d5e48b3a43b001390e2b58820389d)

By using the same test as is used for /proc/pid/maps and /proc/pid/smaps,
only allow processes that can ptrace() a given process to see information
that might be used to bypass address space layout randomization (ASLR).
These include eip, esp, wchan, and start_stack in /proc/pid/stat as well
as the non-symbolic output from /proc/pid/wchan.

ASLR can be bypassed by sampling eip as shown by the proof-of-concept
code at As part of a presentation
( esp and wchan were
also noted as possibly usable information leaks as well.  The
start_stack address also leaks potentially useful information.

Cc: Stable Team <>
Signed-off-by: Jake Edge <>
Acked-by: Arjan van de Ven <>
Acked-by: "Eric W. Biederman" <>
Signed-off-by: Linus Torvalds <>
[wt: 2.4 has no wchan file and no aslr, still we don't want to leak
 these potentially sensible information]
Signed-off-by: Willy Tarreau <>
1 file changed