lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 13 Oct 2021 15:12:16 -0500
From:   Rob Landley <rob@...dley.net>
To:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Kees Cook <keescook@...omium.org>,
        Linux FS Devel <linux-fsdevel@...r.kernel.org>
Subject: The one and only "permission denied" in find /sys

There is exactly one directory in the whole of sysfs that a normal user can't
read (at least on my stock devuan laptop):

  $ find /sys -name potato
  find: ‘/sys/fs/pstore’: Permission denied

It's the "pstore" filesystem, it was explicitly broken by commit d7caa33687ce,
and the commit seems to say this was to fix an issue that didn't exist yet but
might someday.

Did whatever issue it was concerned about ever actually start happening? Why did
you not change the permissions on the files _in_ the directory so they weren't
world readable instead? Should /dev/shm stop being world ls-able as well?

Confused,

Rob

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ