lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 18 Feb 2013 07:50:12 -0800
From:	Greg KH <gregkh@...uxfoundation.org>
To:	Felipe Balbi <balbi@...com>
Cc:	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: SYSFS "errors"

On Mon, Feb 18, 2013 at 05:33:16PM +0200, Felipe Balbi wrote:
> Hi folks,
> 
> there are today a number of SYSFS files with read permission set but
> can't really be read (tried with normal user and root). To make things
> simpler, I wrote a simple ruby script (see below) to check if the file
> is world writeable or if it has Read permission but throws an exception
> when read (note that I ignore files which return empty buffers since
> ruby cries about it).
> 
> Here are some results from my desktop PC:
> 
> $ ruby sysfs_errors.rb |wc -l
> 968
> 
> # ruby sysfs_errors.rb | wc -l
> 1602
> 
> 8<---------------------------- cut here --------------------------------
> 
> Dir.glob("/sys/**/*").each do |file|
> 	next if File.directory?(file)
> 
> 	if File.world_writable?(file)
> 		puts "#{file} is world-writable"
> 	end
> 
> 	if File.readable?(file)
> 		begin
> 			File.open(file) { |f|
> 				result = f.readline
> 			}
> 		rescue EOFError
> 			nil
> 		rescue => e
> 			puts e.message
> 		end
> 	end
> end
> 
> I wonder if that should be sorted out or should we leave it as is ?

They should be sorted out.

> If it helps in any way, I have printed below only the filenames
> (without path) so I could pipe it through uniq:
> 
> act_mask
> audit
> autosuspend_delay_ms
> bind

This one the driver core creates, I'll fix that up.

The rest need paths to determine who to blame :)

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ