lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 7 Jun 2014 12:42:32 +0200 From: Pavel Machek <pavel@....cz> To: Greg KH <gregkh@...uxfoundation.org> Cc: Linus Torvalds <torvalds@...ux-foundation.org>, Bin Wang <binw@...vell.com>, Nobuhiro Iwamatsu <nobuhiro.iwamatsu.yj@...esas.com>, Andrew Morton <akpm@...ux-foundation.org>, Arnd Bergmann <arnd@...db.de>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Norbert Ciosek <norbertciosek@...il.com> Subject: Re: [GIT PULL] char/misc driver patches for 3.16-rc1 On Tue 2014-06-03 11:25:55, Greg KH wrote: > On Tue, Jun 03, 2014 at 10:14:41AM -0700, Linus Torvalds wrote: > > On Tue, Jun 3, 2014 at 10:02 AM, Greg KH <gregkh@...uxfoundation.org> wrote: > > > > > > Hm, I got two different bug reports, and this same patch from two > > > different people insisting that we broke their drivers with the above > > > patches, and asked for this patch to be applied. > > > > So I do think that we might be able to apply this patch, but I think > > it needs a *lot* more thought than was obviously spent on it so far. > > > > For example, right now it's actively insecure. Do we care? Maybe we > > don't. The user-space uio side presumably is root-owned, and hopefully > > trusted. > > It better be trusted, as userspace has access to the "raw" hardware > here, and is getting notified about every irq that happens to the > device. At the very least, we have (CAP_SYS_ADMIN?) should be required before allowing root to compromise kernel, no? -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists