lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <481DC997.3070901@s5r6.in-berlin.de>
Date:	Sun, 04 May 2008 16:35:03 +0200
From:	Stefan Richter <stefanr@...6.in-berlin.de>
To:	linux-kernel@...r.kernel.org
CC:	Arjan van de Ven <arjan@...ux.intel.com>,
	Ingo Molnar <mingo@...e.hu>,
	Thomas Gleixner <tglx@...utronix.de>
Subject: config NONPROMISC_DEVMEM: help text and logic are confusing

The subject option, prompt "Disable promiscuous /dev/mem" in the menu 
called "Kernel hacking", does the following as far as I understand the 
patch description in commit ae531c26c5c2a28ca1b35a75b39b3b256850f2c8:

y = tighter security of /dev/mem,
n = unfiltered access through /dev/mem.

Yet the Kconfig help text contains the sentence

	With this config option, you allow userspace access to all of
	memory, [...]

Shouldn't this read

	Say N to allow userspace access to all of memory, [...]

	Say Y if you want improved security.

Also see commit 1f56cf1c58c81f7ecf16f5e99ac4a333d9dc9aea:  This changed 
the default of the option from y to n.  But the help text still says:

	The /dev/mem file by default only allows userspace access to PCI
	space and the BIOS code and data regions.

This is apparently wrong with "default n".

Furthermore, most of the options in the "Kernel hacking" menu follow the 
logic of "Y = additional debug features", "N = for normal use".  With 
NONPROMISC_DEVMEM it is the other way around.  Besides, an option whose 
prompt says "Disable something" is generally bad; better is "Enable 
something" because this is what the vast majority of options do and thus 
avoid "yes means no" logic.

So, wouldn't it be better to have

config PROMISCUOUS_DEVMEM
	bool "Promiscuous /dev/mem"
	# default to old semantics for a transition period
	default y
	help
	  This option opens up /dev/mem for access to all memory which
	  is useful for debugging and for [insert other uses here:
	  buggy legacy applications?] ...

	  Say Y if...
	  If ..., say N.

If I misunderstood something, please correct me.  And the Kconfig entry 
and its help text too, because I believe I won't be the only earthling 
who gets it wrong.  Thanks,
-- 
Stefan Richter
-=====-==--- -=-= --=--
http://arcgraph.de/sr/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ