| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA+55aFwvbR+6e7YrZ3Q+sYzJsRikJEAi1YsA49CQjWgsa7KTWQ@mail.gmail.com>
Date: Thu, 30 Nov 2017 18:17:47 -0500
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: "Tobin C. Harding" <me@...in.cc>,
Matt Fleming <matt@...eblueprint.co.uk>,
Ard Biesheuvel <ard.biesheuvel@...aro.org>,
LKML <linux-kernel@...r.kernel.org>,
"linux-efi@...r.kernel.org" <linux-efi@...r.kernel.org>
Subject: Re: [GIT PULL] hash addresses printed with %p
On Thu, Nov 30, 2017 at 12:10 PM, Greg Kroah-Hartman
<gregkh@...uxfoundation.org> wrote:
>
> So changing it to use __ATTR() should fix this remaning leakage up.
> That is if we even really need to export these values at all. What does
> userspace do with them? Shouldn't they just be in debugfs instead?
So what I find distasteful here is how sysfs has these "helper" macros
that are clearly designed to over-share.
The __ATTR macro is a lot more complicated to use than the
__ATTR_RO/WO/RW macros, but those macros end up giving everybody read
access (ok, not the WO one)
So honestly, I think the "helper" functions should be deprecated
simply because they basically encourage people to make everything
world-readable.
Which is why most of sysfs is world-readable, whether it makes sense or not.
It would have been better had they just taken the actual mode, I suspect.
(And it would be better yet if the code didn't use that disgusting
S_IRUGO, which pretty much everybody has to think about to figure out
it's 0444)
Linus
Powered by blists - more mailing lists