lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sun, 3 Jul 2011 22:10:31 +0100
From:	Alan Cox <>
To:	Linus Torvalds <>
Cc:	Vasiliy Kulikov <>, Ingo Molnar <>,
	Andrew Morton <>,
	James Morris <>,
	Namhyung Kim <>,
	Greg Kroah-Hartman <>,,
Subject: Re: [PATCH v2] kernel: escape non-ASCII and control characters in

> That said, if we really want to do this, I think doing it with %s
> filtering is the only way, and it would make the default case where
> people really don't think about possible user-supplied strings be
> safe.
> So saying "%s is for pure 7-bit ASCII with no control codes" is
> annoying, but would really fix it.

It's fairly easy for the console in question to provide a filter but 7bit
ascii wouldn't be a bad default for a printing console, definitely a
wrong default for the log file though.

> That said, I think it should be unconditional. None of this "safe vs
> unsafe" flags, and none of this "printk format strings are different
> from other vsprintf format strings". If special characters are a
> potential security problem for printk(), then they are a potential
> security problem for other things (eg /proc filenames or content etc).

In which case we can't do it because we need \n in proc content so that's
a complete and utter non starter. In addition we have things with
filenames in it and filenames are unicode so we'd break apps that look
filenames up via /proc for things like monitoring.

It depends how much you care as well - any idiot can figure out how to
simply use spaces and/or tabs to build multiple lines of fake looking
output like say a spoofed Oops.

As Lars can no doubt remind people spoofing oopses can be fun ;)

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists