lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1290201154.2116.29.camel@morgan.silverblock.net>
Date:	Fri, 19 Nov 2010 16:12:34 -0500
From:	Andy Walls <andy@...verblocksystems.net>
To:	linux-kernel@...r.kernel.org
Cc:	sarah.a.sharp@...ux.intel.com, torvalds@...ux-foundation.org
Subject: Re: [PATCH] kernel: make /proc/kallsyms mode 400 to reduce ease of
 attacking


> On Fri, Nov 19, 2010 at 11:19 AM, Sarah Sharp
> <sarah.a.sharp@...ux.intel.com> wrote:
> >
> > .config and dmesg are attached.  The box is running klogd 1.5.5ubuntu3
> > (from Jaunty).  Yes, I know that's old.  I read the bit in the commit
> > about changing the permissions of kallsyms after boot, but if I can't
> > boot that doesn't help.  Perhaps this can be made a configuration
> > option?
> 
> It's not worth a config option.
> 
> If it actually breaks user-space, I think we should just revert it.

User space klogd is what's broken in this case:

        ksyms = fopen(KSYMS, "r");

        if ( ksyms == NULL )
        {
                if ( errno == ENOENT )
                        Syslog(LOG_INFO, "No module symbols loaded - "
                               "kernel modules not enabled.\n");
                else
                        Syslog(LOG_ERR, "Error loading kernel symbols " \
                               "- %s\n", strerror(errno));
                fclose(ksyms);
                return(0);
        }

The fclose(NULL) is a bug, as I don't think the standards require
that to be handled gracefully.


> It's kind of sad to default to the world-visible thing,

klogd also gets symbols from System.map, so /proc/kallsyms access
is not a strict requirement.

I haven't checked to see if klogd can work without a symbol source
at all, but I'll wager it can.

Regards,
Andy


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ