| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 29 Sep 2010 17:11:18 +0200 From: Jean Delvare <khali@...ux-fr.org> To: Olof Johansson <olof@...om.net> Cc: Andrew Morton <akpm@...ux-foundation.org>, linux-kernel@...r.kernel.org, Tejun Heo <tj@...nel.org> Subject: Re: [PATCH] dmi: export dmi data through debugfs On Wed, 29 Sep 2010 09:53:30 -0500, Olof Johansson wrote: > On Wed, Sep 29, 2010 at 09:34:03AM +0200, Jean Delvare wrote: > > Hi Olaf, > > > > On Tue, 28 Sep 2010 16:12:46 -0500, Olof Johansson wrote: > > > I've found this quite useful since it allows dmidecode to run without > > > root privileges using --from-dump to read this file instead > > > > This is a bad idea. We do NOT want every user to have access to all the > > DMI information. There is sensitive information in there (serial > > numbers and UUIDs, and possibly even more sensitive data in > > OEM-specific records.) If you look in /sys/class/dmi/id/, you'll see > > that files board_serial, chassis_serial, product_serial and > > product_uuid are only readable by root exactly for this reason. > > > So this is a NACK from me, sorry. > > So how about a change to mode 0400 on the debugfs file then? This is a requirement, yes. > It's > still better than having a userspace tool dig around /dev/mem for the > information. How is that better, please? Unless /dev/mem is going away, I don't see any benefit. "Digging around" is exactly what the kernel is doing to get the information. dmidecode has been around for over 7 years now, it's always been reading its information from /dev/mem, and while there has been some technical challenge with this (mmap vs. read) it has been solved long ago. And we now have an option limiting what can be accessed through /dev/mem (CONFIG_STRICT_DEVMEM), so we should be safe. The only objection I ever heard is that one had to be rootto run dmidecode, but there's no way to address this, which is why the relevant DMI strings are now exposed through sysfs. If there's a string you consider useful which is missing there, you could just add it. Now if you really insist on exposing the whole DMI table through sysfs, I can't prevent you from doing that. After all, ACPI already exposes its tables under /sys/firmware/acpi/tables (mode 0400). But then you'd rather expose the DMI entry point and tables under /sys/firmware/dmi/tables for consistency, rather than using debugfs. But again, I don't think it is adding any value over what we already have. Please note that anyway, dmidecode is not going to stop getting the table from /dev/mem, because it is used on several non-Linux operating systems (all the BSDs in particular) which do not have sysfs. -- Jean Delvare -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists