| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 28 Aug 2012 09:44:09 +0200 From: Alessandro Rubini <rubini@...dd.com> To: keescook@...omium.org Cc: linux-kernel@...r.kernel.org, gregkh@...uxfoundation.org, ben@...adent.org.uk, rob@...dley.net, viro@...iv.linux.org.uk, ludwig.nussel@...e.de, linux-doc@...r.kernel.org Subject: Re: [PATCH] debugfs: more tightly restrict default mount mode > Since the debugfs is mostly only used by root, make the default mount > mode 0700. Most system owners do not need a more permissive value, > but they can choose to weaken the restrictions via their fstab. But if the default is strict, file-completion won't work and most people will run a full root shell instead of sudo to save time. This is a step back in my opinion. Most administrators of their own machine won't go as far as changing fstab (none of my students would, for example). On the other hand admins of serious sites who are really concerned about doing "ls" over debugfs will be able to customize. So I vote against, knowing I'm late. thanks /alessandro -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists