[<prev] [next>] [day] [month] [year] [list]
Message-ID: <CAB_aHcxTeq7R6ON+73KLKeec-q9Ad0ddOcmYgObP77Ygtho4bQ@mail.gmail.com>
Date: Fri, 1 May 2015 17:29:35 +0530
From: Gobinda Maji <gobinda.cemk07@...il.com>
To: Rusty Russell <rusty@...tcorp.com.au>
Cc: linux-next@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 9/9] sysfs: disallow world-writable files.
On 30 April 2015 at 07:32, Rusty Russell <rusty@...tcorp.com.au> wrote:
> You're absolutely right, well spotted! The checks can be tightened. We
> don't really care about execute, but logically write is "more
> privileged" than read.
>
> Best to separate the tests; OTHER_WRITABLE <= GROUP_WRITABLE <= OWNER_WRITABLE
> and OTHER_READABLE <= GROUP_READABLE <= OWNER_READABLE.
>
> A patch would be welcome!
Thanks for the suggestion. OTHER_WRITABLE is already not permitted.
So, added the checks for GROUP_WRITABLE <= OWNER_WRITABLE for write
and OTHER_READABLE <= GROUP_READABLE <= OWNER_READABLE for read.
I am just sending a separate patch for this. The subject line will be
"[PATCH] sysfs: tightened sysfs permission checks"
--
Thanks,
Gobinda
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists