lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Pine.LNX.4.64.0802291912310.24941@er-systems.de>
Date:	Fri, 29 Feb 2008 19:16:51 +0100 (CET)
From:	Thomas Voegtle <tv@...96.de>
To:	linux-kernel@...r.kernel.org
cc:	tilman.baumann@...lax.com, Andreas Hofmeister <andi@...lax.com>
Subject: permissions on /proc/tty/driver/


Hi,

we noticed that only root can enter /proc/tty/driver/, which appears to be 
wrong, because the files therein are actually world readable...



Signed-off-by: Tilman Baumann <tilman.baumann@...lax.comy>
Signed-off-by: Thomas Voegtle <tv@...96.de>
---
 fs/proc/proc_tty.c |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/fs/proc/proc_tty.c b/fs/proc/proc_tty.c
index 49816e0..eb73d96 100644
--- a/fs/proc/proc_tty.c
+++ b/fs/proc/proc_tty.c
@@ -224,7 +224,9 @@ void __init proc_tty_init(void)
 	 * password lengths and inter-keystroke timings during password
 	 * entry.
 	 */
-	proc_tty_driver = proc_mkdir_mode("tty/driver", S_IRUSR | S_IXUSR, NULL);
+	proc_tty_driver = proc_mkdir_mode("tty/driver",
+			S_IRUSR|S_IXUSR|S_IRGRP|S_IXGRP|S_IROTH|S_IXOTH,
+			NULL);
 
 	create_proc_read_entry("tty/ldiscs", 0, NULL, tty_ldiscs_read_proc, NULL);
 	entry = create_proc_entry("tty/drivers", 0, NULL);
-- 
1.5.3

      Thomas

-- 
 Thomas Vögtle    email: thomas@...gtle-clan.de
 ----- http://www.voegtle-clan.de/thomas ------

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ