On Wed 2009-12-02 17:16:57, Miklos Szeredi wrote:
> v2->v3 slightly updated patch description
>
> Thanks to Alan for the feedback. The main points raised were I think:
>
> 1) There's a security hole with dynamically allocated devices if
>    permissions on new device are different than on old device.
>
>    The issue is valid, but also exists if hard links are created to
>    device nodes. udev already defends against this by setting
>    permissions on device to zero before unlinking it.

Perhaps machine has /dev on separate filesystem, not writeable to
users? Adding new security holes is bad...

> 3) There's an alleged security hole (commonly referred to as "Pavel's
>    issue" :) with reopening for write (or truncating) a file descriptor
>    through /proc/P/fd for a file descriptor opened for read-only.
>
>    This patch doesn't change any of that except the file opened without
>    any permission can also be re-opened with increased permissions, as
>    long as i_mode allows. I think this is an orthogonal issue and so this
>    patch doesn't deal with it.

You just made the hole way more common and easier to exploit.

> Comments? Any chance of this being accepted into -mm?

With adding 2 new security problems?

								Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
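The udev defence quoted in point 1 (set the permissions to zero, then unlink) works because mode bits are stored on the inode, so every remaining hard link loses access too. The following is an added example, not code from this thread or from udev; it uses a regular file in a temporary directory as a stand-in for a device node, and the function name and paths are hypothetical.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* for mkdtemp() */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/stat.h>

/* Retire a node and report the permission bits still visible through a
 * hard link created earlier. zero_first selects the udev-style order
 * (chmod 0, then unlink). Returns -1 on error. */
int mode_left_on_hardlink(int zero_first)
{
    char dir[] = "/tmp/retire-XXXXXX";
    char node[64], stale[64];
    struct stat st;
    int fd, result = -1;

    if (!mkdtemp(dir))
        return -1;
    snprintf(node, sizeof node, "%s/node", dir);
    snprintf(stale, sizeof stale, "%s/stale", dir);

    /* Stand-in for a device node: a regular file with mode 0666. */
    fd = open(node, O_CREAT | O_EXCL | O_WRONLY, 0600);
    if (fd < 0) goto out;
    close(fd);
    if (chmod(node, 0666) != 0) goto out;

    /* A second name for the same inode. */
    if (link(node, stale) != 0) goto out;

    /* Retirement: chmod through one name changes the shared inode. */
    if (zero_first && chmod(node, 0) != 0) goto out;
    if (unlink(node) != 0) goto out;

    if (stat(stale, &st) == 0)
        result = st.st_mode & 07777;
out:
    unlink(node);
    unlink(stale);
    rmdir(dir);
    return result;
}

int main(void)
{
    printf("unlink only:         %04o\n", mode_left_on_hardlink(0));
    printf("chmod 0 then unlink: %04o\n", mode_left_on_hardlink(1));
    return 0;
}
```

With unlink alone the surviving name keeps mode 0666; with the permissions zeroed first it is left with mode 0000.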