On Mon, Aug 28, 2017 at 05:10:33PM -0700, Kees Cook wrote: > On Wed, Aug 23, 2017 at 7:56 AM, Luck, Tony <tony.luck@xxxxxxxxx> wrote: > >>> Should this not also have a capability check. Assuming file permissions > >>> are sufficient for grabbing a chunk of system memory holding error > >>> info doesn't seem too scary but it's at odds with a lot of other cases ? > >> > >> At least one of those other cases (pstore) added a capability check and now regret > >> it. There's a thread on reverting it. Look for: > >> > >> Revert "pstore: Honor dmesg_restrict sysctl on dmesg dumps" > > > > Here's at least part of that thread: > > > > https://marc.info/?l=linux-kernel&m=150301241114262&w=2 > > > > Kees: you were OK with removing the capability check from pstore, right? > > Yeah, as long as there is comparable protections. File system permission protection is "0400": # ls -al /sys/firmware/acpi/tables/data total 0 drwxr-xr-x. 2 root root 0 Aug 28 14:13 . drwxr-xr-x. 4 root root 0 Aug 28 14:10 .. -r--------. 1 root root 32768 Aug 28 14:13 BERT -Tony -- To unsubscribe from this list: send the line "unsubscribe linux-acpi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
