Re: [PATCH 9/9] sysfs: disallow world-writable files.

On 30 April 2015 at 07:32, Rusty Russell <rusty@xxxxxxxxxxxxxxx> wrote:

> You're absolutely right, well spotted!  The checks can be tightened.  We
> don't really care about execute, but logically write is "more
> privileged" than read.
>
> Best to separate the tests; OTHER_WRITABLE <= GROUP_WRITABLE <= OWNER_WRITABLE
> and OTHER_READABLE <= GROUP_READABLE <= OWNER_READABLE.
>
> A patch would be welcome!

Thanks for the suggestion. OTHER_WRITABLE is already not permitted.
So, added the checks for GROUP_WRITABLE <= OWNER_WRITABLE for write
and OTHER_READABLE <= GROUP_READABLE <= OWNER_READABLE for read.

I am just sending a separate patch for this. The subject line will be
"[PATCH] sysfs: tightened sysfs permission checks"

-- 
Thanks,
Gobinda
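
The ordering rule discussed in this thread, as an added user-space C example (not the patch mentioned above and not kernel code). The function name, the verdict enum and the rejection of bits outside 0777 are assumptions of this example; the sample modes are constructed.

```c
#include <stdio.h>

/* Hypothetical names: a user-space sketch of the rule, not kernel code. */
enum mode_verdict {
    MODE_OK = 0,
    MODE_EXTRA_BITS,      /* bits outside 0777 (this example's own choice) */
    MODE_WORLD_WRITABLE,  /* OTHER_WRITABLE is never permitted */
    MODE_READ_INVERTED,   /* a less privileged class reads what a more privileged one cannot */
    MODE_WRITE_INVERTED   /* group can write but owner cannot */
};

static enum mode_verdict check_sysfs_mode(unsigned int mode)
{
    unsigned int u_r = !!(mode & 0400), g_r = !!(mode & 0040), o_r = !!(mode & 0004);
    unsigned int u_w = !!(mode & 0200), g_w = !!(mode & 0020), o_w = !!(mode & 0002);

    if (mode & ~0777u)
        return MODE_EXTRA_BITS;
    if (o_w)
        return MODE_WORLD_WRITABLE;
    /* OTHER_READABLE <= GROUP_READABLE <= OWNER_READABLE */
    if (o_r > g_r || g_r > u_r)
        return MODE_READ_INVERTED;
    /* GROUP_WRITABLE <= OWNER_WRITABLE; execute bits are deliberately ignored */
    if (g_w > u_w)
        return MODE_WRITE_INVERTED;
    return MODE_OK;
}

int main(void)
{
    /* Constructed sample modes. */
    static const unsigned int samples[] = { 0444, 0644, 0664, 0666, 0464, 0060, 0004, 0200 };
    static const char *const names[] = { "ok", "extra bits", "world-writable",
                                         "read ordering violated", "write ordering violated" };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%04o: %s\n", samples[i], names[check_sysfs_mode(samples[i])]);
    return 0;
}
```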