| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 13 May 2010 10:59:11 +0100
From: Alan Cox <alan@...rguk.ukuu.org.uk>
To: Chris Wright <chrisw@...s-sol.org>
Cc: greg@...ah.com, jbarnes@...tuousgeek.org, matthew@....cx,
linux-pci@...r.kernel.org, linux-kernel@...r.kernel.org,
kvm@...r.kernel.org, ddutile@...hat.com, alex.williamson@...hat.com
Subject: Re: [PATCH 2/2] pci: allow sysfs file owner to read device
dependent config space
On Wed, 12 May 2010 18:29:57 -0700
Chris Wright <chrisw@...s-sol.org> wrote:
> The PCI config space bin_attr read handler has a hardcoded CAP_SYS_ADMIN
> check to verify privileges before allowing a user to read device
> dependent config space. This is meant to protect from an unprivileged
> user potentially locking up the box.
Or hacking it. You could argue the correct requirement is to change it to
require CAP_SYS_RAWIO in fact !
> With this patch the sysfs file owner is also considered privileged enough
> to read all of the config space.
Which breaks the main reason the check was there in the first place. To
stop accidents of the form
find / -exec grep {} "wibble"
blowing up in people's faces.
I agree with the problem - but IMHO the fix is to require opening the file
checks CAP_SYS_something instead: not to hack the read method and make it
even weirder and more un-Linux than it is now.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists