| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20260211104623.73fd4fc3@fedora> Date: Wed, 11 Feb 2026 10:46:23 -0500 From: Steven Rostedt <rostedt@...dmis.org> To: "Masami Hiramatsu (Google)" <mhiramat@...nel.org> Cc: Mathieu Desnoyers <mathieu.desnoyers@...icios.com>, linux-kernel@...r.kernel.org, linux-trace-kernel@...r.kernel.org Subject: Re: [PATCH v8 3/6] tracefs: Check file permission even if user has CAP_DAC_OVERRIDE On Tue, 10 Feb 2026 17:43:51 +0900 "Masami Hiramatsu (Google)" <mhiramat@...nel.org> wrote: > From: Masami Hiramatsu (Google) <mhiramat@...nel.org> > > Strictly checking the file read/write permission even if the owner has > CAP_DAC_OVERRIDE on tracefs as same as sysfs. > Tracefs is a pseudo filesystem, just like sysfs, so any file that the > system defines as unwritable should actually be unwritable by anyone. This is getting too complex and still doesn't work. As I said in my other email, simply check for the trace_array being readonly on opens() and return -EACCES if it is and was opened for write or read-write. With this still not working this late in the game, it will need to wait until the next merge window. I'll take the first two patches of this series now though. -- Steve
Powered by blists - more mailing lists