lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Tue, 05 Jan 2010 16:00:33 +0000
From:	David Howells <dhowells@...hat.com>
To:	Kevin Qu <rofail@...il.com>, Jeff Epler <jepler@...ythonic.net>
Cc:	dhowells@...hat.com, linux-kernel@...r.kernel.org
Subject: Re: how to get right euid?


Kevin Qu <rofail@...il.com> wrote:

> I wrote a kernel module and it create a "file" in /proc.
> The "file" permission is set to 644.
> When check access permission, I use :

Check where?  In file_operations::open(), in file_operations::write() or in
inode_operations::permission()?

> if( op == 4 || (op ==2 && current->euid == 0) )
>         return 0;
> 
> But it does not work on 2.6.29,
> so I changed it like below:
> 
> if( op & 0x4 || (op & 0x2 && current_euid() == 0) )
>         return 0;

What is op?  Is "op == N" equivalent to "op & N"?  Should N be a symbolic
constant (MAY_READ or MAY_WRITE)?

> It works when read from the "file" in /proc,
> but when write to it with sudo, like:
> 
> sudo echo "some thing" > /proc/my_file
> 
> It denied. (But it works when I su to superuser and do so.)
> 
> So I checked the current_euid(),
> but it returns 1000 (not 0),Why?

As Jeff said, where you're making the check matters.

In the above sudo command, the open() call is done by the shell, under the
EUID of whoever is logged in, whereas the write() call is done by the echo
command as executed by sudo, under the EUID set by sudo.

Note that if you're making the check in write(), the UID that you're checking
should be the one in struct file::f_cred.

David
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ