lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20091202191549.1dbffa2e@lxorguk.ukuu.org.uk>
Date:	Wed, 2 Dec 2009 19:15:49 +0000
From:	Alan Cox <alan@...rguk.ukuu.org.uk>
To:	Miklos Szeredi <miklos@...redi.hu>
Cc:	akpm@...ux-foundation.org, viro@...IV.linux.org.uk,
	dhowells@...hat.com, hch@...radead.org, adilger@....com,
	mtk.manpages@...il.com, torvalds@...ux-foundation.org,
	drepper@...il.com, jamie@...reable.org,
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3] vfs: new O_NODE open flag

> 1) There's a security hole with dynamicly allocated devices if
> permissions on new device are difference than on old device.
> 
> The issue is valid, but also exists if hard links are created to
> device nodes.  udev already defends against this by setting
> permissions on device to zero before unlinking it.

udev defends against it with the specific knowledge that any existing
open means the device is open and cannot be unloaded. The combination is
required (and some other happenstance properties).

For O_NODE you must implement revoke() as well and get it into tools like
udev before you are safe. I appreciate "you need revoke" is a bit like
saying "there is one small problem, you just need to reimplement a major
subsystem while you are at it", but from a security perspective I don't
see any other way to make O_NODE safe in this situation.

Alan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ