| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20130218153316.GA2663@arwen.pp.htv.fi>
Date: Mon, 18 Feb 2013 17:33:16 +0200
From: Felipe Balbi <balbi@...com>
To: Greg KH <gregkh@...uxfoundation.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: SYSFS "errors"
Hi folks,
there are today a number of SYSFS files with read permission set but
can't really be read (tried with normal user and root). To make things
simpler, I wrote a simple ruby script (see below) to check if the file
is world writeable or if it has Read permission but throws an exception
when read (note that I ignore files which return empty buffers since
ruby cries about it).
Here are some results from my desktop PC:
$ ruby sysfs_errors.rb |wc -l
968
# ruby sysfs_errors.rb | wc -l
1602
8<---------------------------- cut here --------------------------------
Dir.glob("/sys/**/*").each do |file|
next if File.directory?(file)
if File.world_writable?(file)
puts "#{file} is world-writable"
end
if File.readable?(file)
begin
File.open(file) { |f|
result = f.readline
}
rescue EOFError
nil
rescue => e
puts e.message
end
end
end
I wonder if that should be sorted out or should we leave it as is ? If
it helps in any way, I have printed below only the filenames (without
path) so I could pipe it through uniq:
act_mask
audit
autosuspend_delay_ms
bind
bl_curve
clear
compact
delete
delete_device
drivers_probe
drvctl
duplex
em_buffer
enable
end_lba
event_char
hard_offline_page
host_reset
mode
new_device
new_id
pid
probe
reconfig
release
reload
remove
remove_id
rescan
reset
reset_counters
resource0
resource1
resource1_wc
resource2
resource3
resource4
resource5
rom
rotate_all
scan
sdram_scrub_rate
smi_request
soft_offline_page
speed
start_lba
sw_activity
trigger_fs_error
uevent
unbind
unload_heads
--
balbi
Download attachment "signature.asc" of type "application/pgp-signature" (837 bytes)
Powered by blists - more mailing lists