| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 28 Nov 2017 09:31:18 +1100 (AEDT)
From: James Morris <james.l.morris@...cle.com>
To: David Miller <davem@...emloft.net>
cc: torvalds@...ux-foundation.org, tixxdz@...il.com,
keescook@...omium.org, luto@...nel.org, akpm@...ux-foundation.org,
mcgrof@...nel.org, ben.hutchings@...ethink.co.uk,
solar@...nwall.com, serge@...lyn.com, jeyu@...nel.org,
rusty@...tcorp.com.au, linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org,
kernel-hardening@...ts.openwall.com, corbet@....net,
mingo@...nel.org, netdev@...r.kernel.org, peterz@...radead.org
Subject: Re: [PATCH v5 next 0/5] Improve Module autoloading infrastructure
On Tue, 28 Nov 2017, David Miller wrote:
> From: Linus Torvalds <torvalds@...ux-foundation.org>
> Date: Mon, 27 Nov 2017 10:41:30 -0800
>
> > What are the real life use-cases for normal users having modules
> > auto-load?
>
> User opens SCTP socket, SCTP protocol module loads.
>
> People build test cases via namespaces, and in that namespaces normal
> users can setup virtual tunnel devices themselves, and those configure
> operations can bring the tunnel module in.
What about implementing a white list of modules which are able to be
loaded by unprivileged users?
Then, Linus' solution would look something like:
va_start(args, fmt);
ret = vsnprintf(module_name, MODULE_NAME_LEN, fmt, args);
va_end(args);
if (WARN_ON_ONCE(!capable(CAP_SYS_MODULE) ||
!capable(CAP_SYS_ADMIN) ||
!capable(CAP_NET_ADMIN) ||
!unprivileged_autoload(module_name)))
return -EPERM;
--
James Morris
<james.l.morris@...cle.com>
Powered by blists - more mailing lists