LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
* [PATCH 00/20] world-writable files in sysfs and debugfs
@ 2011-02-04 14:00 Vasiliy Kulikov
2011-02-07 19:38 ` Matthew Garrett
0 siblings, 1 reply; 5+ messages in thread
From: Vasiliy Kulikov @ 2011-02-04 14:00 UTC (permalink / raw)
To: linux-kernel
Cc: linux-omap, linux-arm-kernel, linux-usb, linux-media,
socketcan-core, netdev, platform-driver-x86, acpi4asus-user,
rtc-linux, linux-scsi, open-iscsi, linux-mtd, security
The search was made with trivial shell commands:
find | xargs grep S_IWUGO
find | xargs grep S_IWOTH
I didn't precisely investigate how exactly one may damage the
system/hardware because of issues number, maybe the harm is very limited
in case of some of these drivers.
One suspicious file is ./staging/speakup/speakup.h, but it explitly calls
macros as world-writable. I didn't check what speakup's world-writable
files provide because it requires some knowledge about the hardware.
Vasiliy Kulikov (20):
mach-omap2: mux: world-writable debugfs files
mach-omap2: pm: world-writable debugfs timer files
mach-omap2: smartreflex: world-writable debugfs voltage files
mach-ux500: mbox-db5500: world-writable sysfs fifo file
leds: lp5521: world-writable sysfs engine* files
leds: lp5523: world-writable engine* sysfs files
video: sn9c102: world-wirtable sysfs files
mfd: ab3100: world-writable debugfs *_priv files
mfd: ab3500: world-writable debugfs register-* files
mfd: ab8500: world-writable debugfs register-* files
misc: ep93xx_pwm: world-writable sysfs files
net: can: at91_can: world-writable sysfs files
net: can: janz-ican3: world-writable sysfs termination file
platform: x86: acer-wmi: world-writable sysfs threeg file
platform: x86: asus_acpi: world-writable procfs files
platform: x86: tc1100-wmi: world-writable sysfs wireless and jogdial files
rtc: rtc-ds1511: world-writable sysfs nvram file
scsi: aic94xx: world-writable sysfs update_bios file
scsi: iscsi: world-writable sysfs priv_sess file
fs: ubifs: world-writable debugfs dump_* files
arch/arm/mach-omap2/mux.c | 2 +-
arch/arm/mach-omap2/pm-debug.c | 8 ++++----
arch/arm/mach-omap2/smartreflex.c | 4 ++--
arch/arm/mach-ux500/mbox-db5500.c | 2 +-
drivers/leds/leds-lp5521.c | 14 +++++++-------
drivers/leds/leds-lp5523.c | 20 ++++++++++----------
drivers/media/video/sn9c102/sn9c102_core.c | 6 +++---
drivers/mfd/ab3100-core.c | 4 ++--
drivers/mfd/ab3550-core.c | 6 +++---
drivers/mfd/ab8500-debugfs.c | 6 +++---
drivers/misc/ep93xx_pwm.c | 6 +++---
drivers/net/can/at91_can.c | 2 +-
drivers/net/can/janz-ican3.c | 2 +-
drivers/platform/x86/acer-wmi.c | 2 +-
drivers/platform/x86/asus_acpi.c | 8 +-------
drivers/platform/x86/tc1100-wmi.c | 2 +-
drivers/rtc/rtc-ds1511.c | 2 +-
drivers/scsi/aic94xx/aic94xx_init.c | 2 +-
drivers/scsi/scsi_transport_iscsi.c | 2 +-
fs/ubifs/debug.c | 6 +++---
20 files changed, 50 insertions(+), 56 deletions(-)
--
Vasiliy Kulikov
http://www.openwall.com - bringing security into open computing environments
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH 00/20] world-writable files in sysfs and debugfs
2011-02-04 14:00 [PATCH 00/20] world-writable files in sysfs and debugfs Vasiliy Kulikov
@ 2011-02-07 19:38 ` Matthew Garrett
0 siblings, 0 replies; 5+ messages in thread
From: Matthew Garrett @ 2011-02-07 19:38 UTC (permalink / raw)
To: Vasiliy Kulikov
Cc: linux-kernel, linux-omap, linux-arm-kernel, linux-usb,
linux-media, socketcan-core, netdev, platform-driver-x86,
acpi4asus-user, rtc-linux, linux-scsi, open-iscsi, linux-mtd,
security
Thanks, I've applied the x86 platform driver ones.
--
Matthew Garrett | mjg59@srcf.ucam.org
^ permalink raw reply [flat|nested] 5+ messages in thread
[parent not found: <cover.1296818921.git.segoon@openwall.com>]
* Re: [PATCH 00/20] world-writable files in sysfs and debugfs
[not found] <cover.1296818921.git.segoon@openwall.com>
@ 2011-02-21 11:42 ` Samuel Ortiz
2011-03-12 20:23 ` Vasiliy Kulikov
1 sibling, 0 replies; 5+ messages in thread
From: Samuel Ortiz @ 2011-02-21 11:42 UTC (permalink / raw)
To: Vasiliy Kulikov; +Cc: linux-kernel, security
Hi Vasiliy,
On Fri, Feb 04, 2011 at 03:22:29PM +0300, Vasiliy Kulikov wrote:
> mfd: ab3100: world-writable debugfs *_priv files
> mfd: ab3500: world-writable debugfs register-* files
> mfd: ab8500: world-writable debugfs register-* files
All 3 patches applied, thanks.
Cheers,
Samuel.
--
Intel Open Source Technology Centre
http://oss.intel.com/
^ permalink raw reply [flat|nested] 5+ messages in thread* Re: [PATCH 00/20] world-writable files in sysfs and debugfs
[not found] <cover.1296818921.git.segoon@openwall.com>
2011-02-21 11:42 ` Samuel Ortiz
@ 2011-03-12 20:23 ` Vasiliy Kulikov
2011-03-15 2:26 ` James Bottomley
1 sibling, 1 reply; 5+ messages in thread
From: Vasiliy Kulikov @ 2011-03-12 20:23 UTC (permalink / raw)
To: linux-kernel, linux-omap, linux-arm-kernel, linux-usb,
linux-media, platform-driver-x86, acpi4asus-user, rtc-linux,
linux-scsi, open-iscsi, security
> Vasiliy Kulikov (20):
> mach-ux500: mbox-db5500: world-writable sysfs fifo file
> leds: lp5521: world-writable sysfs engine* files
> leds: lp5523: world-writable engine* sysfs files
> misc: ep93xx_pwm: world-writable sysfs files
> rtc: rtc-ds1511: world-writable sysfs nvram file
> scsi: aic94xx: world-writable sysfs update_bios file
> scsi: iscsi: world-writable sysfs priv_sess file
These are still not merged :(
^ permalink raw reply [flat|nested] 5+ messages in thread* Re: [PATCH 00/20] world-writable files in sysfs and debugfs
2011-03-12 20:23 ` Vasiliy Kulikov
@ 2011-03-15 2:26 ` James Bottomley
0 siblings, 0 replies; 5+ messages in thread
From: James Bottomley @ 2011-03-15 2:26 UTC (permalink / raw)
To: Vasiliy Kulikov
Cc: linux-kernel, linux-omap, linux-arm-kernel, linux-usb,
linux-media, platform-driver-x86, acpi4asus-user, rtc-linux,
linux-scsi, open-iscsi, security
On Sat, 2011-03-12 at 23:23 +0300, Vasiliy Kulikov wrote:
> > Vasiliy Kulikov (20):
> > mach-ux500: mbox-db5500: world-writable sysfs fifo file
> > leds: lp5521: world-writable sysfs engine* files
> > leds: lp5523: world-writable engine* sysfs files
> > misc: ep93xx_pwm: world-writable sysfs files
> > rtc: rtc-ds1511: world-writable sysfs nvram file
> > scsi: aic94xx: world-writable sysfs update_bios file
> > scsi: iscsi: world-writable sysfs priv_sess file
>
> These are still not merged :(
OK, so I've not been tracking where we are in the dizzying ride on
security systems. However, I thought we landed up in the privilege
separation arena using capabilities. That means that world writeable
files aren't necessarily a problem as long as the correct capabilities
checks are in place, right?
James
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2011-03-15 2:26 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-02-04 14:00 [PATCH 00/20] world-writable files in sysfs and debugfs Vasiliy Kulikov
2011-02-07 19:38 ` Matthew Garrett
[not found] <cover.1296818921.git.segoon@openwall.com>
2011-02-21 11:42 ` Samuel Ortiz
2011-03-12 20:23 ` Vasiliy Kulikov
2011-03-15 2:26 ` James Bottomley
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).