lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Wed, 2 Jul 2008 16:12:44 +1000 (EST)
From:	James Morris <jmorris@...ei.org>
To:	Miklos Szeredi <miklos@...redi.hu>
cc:	jjohansen@...e.de, Andrew Morton <akpm@...ux-foundation.org>,
	linux-security-module@...r.kernel.org,
	linux-kernel@...r.kernel.org, "Serge E. Hallyn" <serue@...ibm.com>,
	"Andrew G. Morgan" <morgan@...nel.org>
Subject: Re: [patch] security: fix dummy xattr functions

On Tue, 1 Jul 2008, Miklos Szeredi wrote:

> Hi James,
> 
> If this (untested) patch looks OK, could you please apply it to your
> tree?

As I understand it, filesystem capabilities is only enabled when either 
LSM is disabled, or the LSM capabilities module is built.

In both cases, security/commoncap.o is built.  With LSM disabled, the 
correct cap_inode_xxx functions will be linked.  With LSM+capabilities, 
either the capability LSM will be loaded, or another LSM will need to 
deliberately stack it.

So, I think the existing code is correct.

> 
> Replace open coded xattr checks with cap_inode_xxx() function calls in
> dummy_inode_setxattr() and dummy_inode_removexattr().  The old ones
> were out of sync with the cap_inode_xxx() implementation, which could
> even be a security problem.
> 
> Noticed by John Johansen.
> 
> CC: John Johansen <jjohansen@...e.de>
> Signed-off-by: Miklos Szeredi <mszeredi@...e.cz>
> ---
>  security/dummy.c |   12 ++----------
>  1 file changed, 2 insertions(+), 10 deletions(-)
> 
> Index: linux-2.6/security/dummy.c
> ===================================================================
> --- linux-2.6.orig/security/dummy.c	2008-07-01 21:44:03.000000000 +0200
> +++ linux-2.6/security/dummy.c	2008-07-01 21:51:08.000000000 +0200
> @@ -370,11 +370,7 @@ static void dummy_inode_delete (struct i
>  static int dummy_inode_setxattr (struct dentry *dentry, const char *name,
>  				 const void *value, size_t size, int flags)
>  {
> -	if (!strncmp(name, XATTR_SECURITY_PREFIX,
> -		     sizeof(XATTR_SECURITY_PREFIX) - 1) &&
> -	    !capable(CAP_SYS_ADMIN))
> -		return -EPERM;
> -	return 0;
> +	return cap_inode_setxattr(dentry, name, value, size, flags);
>  }
>  
>  static void dummy_inode_post_setxattr (struct dentry *dentry, const char *name,
> @@ -395,11 +391,7 @@ static int dummy_inode_listxattr (struct
>  
>  static int dummy_inode_removexattr (struct dentry *dentry, const char *name)
>  {
> -	if (!strncmp(name, XATTR_SECURITY_PREFIX,
> -		     sizeof(XATTR_SECURITY_PREFIX) - 1) &&
> -	    !capable(CAP_SYS_ADMIN))
> -		return -EPERM;
> -	return 0;
> +	return cap_inode_removexattr(dentry, name);
>  }
>  
>  static int dummy_inode_need_killpriv(struct dentry *dentry)
> 

-- 
James Morris
<jmorris@...ei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ