lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 16 Nov 2008 15:47:45 +0100
From:	Bernhard Walle <bwalle@...e.de>
To:	x86@...nel.org
Cc:	linux-kernel@...r.kernel.org, linux-arch@...r.kernel.org,
	crash-utility@...hat.com, Bernhard Walle <bwalle@...e.de>
Subject: Turn CONFIG_STRICT_DEVMEM in sysctl dev.mem.restricted

This patch series turns CONFIG_STRICT_DEVMEM in a sysctl
dev.mem.restricted.

While the restricted /dev/mem is useful in most scenarios, it is not
when doing live debugging. The crash utility
(http://people.redhat.com/~anderson) needs access to /dev/mem.

As distributor (at least for "enterprise" distributions) you need both:
The protection in the general case and the ability to do live debugging.
The patch doesn't make the kernel more insecure: Without SELinux or
AppArmor, it has always been possible to circumvent that /dev/mem
restriction. With it, you can also prevent the (super) user from doing
"sysctl dev.mem.restricted=1".

This patch series differs in two ways from the original submission:

  - The patch that removes CONFIG_STRICT_DEVMEM has been added.
  - The binary sysctl is removed, now it's only a /proc/sys sysctl.

While the original submission of CONFIG_STRICT_DEVMEM mentions that the
option has been in RHEL and Fedora for 4 years without problems, that's
only a half of the story. The truth is that at least RHEL has /dev/crash
exactly to circumvent that /dev/mem restriction. Don't tell me that this
is better than having that sysctl entry. ;-)

The patch has been tested on i386. There should be no difference to
x86_64.


Signed-off-by: Bernhard Walle <bwalle@...e.de>


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ