[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20110711063719.GA12579@localhost.ucw.cz>
Date: Mon, 11 Jul 2011 06:37:20 +0000
From: Pavel Machek <pavel@....cz>
To: Greg KH <gregkh@...e.de>
Cc: Vasiliy Kulikov <segoon@...nwall.com>,
Andrew Morton <akpm@...ux-foundation.org>,
James Morris <jmorris@...ei.org>, Ingo Molnar <mingo@...e.hu>,
Namhyung Kim <namhyung@...il.com>,
kernel-hardening@...ts.openwall.com, linux-kernel@...r.kernel.org,
security@...nel.org
Subject: Re: [PATCH] kernel: escape non-ASCII and control characters in
printk()
On Wed 2011-06-22 08:37:42, Greg KH wrote:
> On Wed, Jun 22, 2011 at 01:53:41PM +0400, Vasiliy Kulikov wrote:
> > This patch escapes all characters outside of allowed '\n' plus 0x20-0x7E
> > charset passed to printk().
> >
> > There are numerous printk() instances with user supplied input as "%s"
> > data, and unprivileged user may craft log messages with substrings
> > containing control characters via these printk()s. Control characters
> > might fool root viewing the logs via tty.
>
> There are "numerous" places this could happen? Shouldn't this be
> handled by the viewers of the log file and not the kernel itself?
well, currently cat /proc/kmsg is bad idea on multiuser system... right?
> And what could these control characters cause to be "fooled"?
terminals are powerful (or shall we say insecure?) these days. Including replies.
cat /proc/kmsg can result in something like "9q" be added to the next
bash command. It would not surprise me if nastier stuff was possible
with some xterm variant.
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists