* Masami Hiramatsu <mhiramat@xxxxxxxxxx> wrote:
> Since the blacklist file indicates a sensitive address
> information to reader, it should be restricted to the
> root user.
>
> Suggested-by: Thomas Richter <tmricht@xxxxxxxxxxxxx>
> Signed-off-by: Masami Hiramatsu <mhiramat@xxxxxxxxxx>
> ---
> kernel/kprobes.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/kernel/kprobes.c b/kernel/kprobes.c
> index ea619021d901..51096eece801 100644
> --- a/kernel/kprobes.c
> +++ b/kernel/kprobes.c
> @@ -2621,7 +2621,7 @@ static int __init debugfs_kprobe_init(void)
> if (!file)
> goto error;
>
> - file = debugfs_create_file("blacklist", 0444, dir, NULL,
> + file = debugfs_create_file("blacklist", 0400, dir, NULL,
> &debugfs_kprobe_blacklist_ops);
> if (!file)
> goto error;
Note that in a typical Linux distro debugfs is already root-only:
fomalhaut:~> ls -ld /sys/kernel/debug
drwx------ 28 root root 0 Apr 23 08:55 /sys/kernel/debug
but this change might make sense if debugfs is mounted in some other fashion.
But the patch looks incomplete, 'blacklist' is not the only word-readable file in
the kprobes hierarchy. The kprobes directory itself, and the 'list' file is
readable as well:
[root@fomalhaut ~]# ls -ld /sys/kernel/debug/kprobes
drwxr-xr-x 2 root root 0 Apr 23 08:55 /sys/kernel/debug/kprobes
[root@fomalhaut ~]# ls -l /sys/kernel/debug/kprobes/
-r--r--r-- 1 root root 0 Apr 23 08:55 blacklist
-rw------- 1 root root 0 Apr 23 08:55 enabled
-r--r--r-- 1 root root 0 Apr 23 08:55 list
So not just the blacklist should be 400 but 'list' as well, and the main kprobes
directory as well.
Thanks,
Ingo
