ACK. Unit tested with Adaptec RAID management applications with apparently no issue. Will push this into matrix testing in the coming week. Sincerely -- Mark Salyzyn > -----Original Message----- > From: linux-kernel-owner@xxxxxxxxxxxxxxx > [mailto:linux-kernel-owner@xxxxxxxxxxxxxxx] On Behalf Of Alan Cox > Sent: Monday, July 23, 2007 9:51 AM > To: torvalds@xxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx; > linux-scsi@xxxxxxxxxxxxxxx > Subject: [PATCH] aacraid: Resend, Fix security hole > > On the SCSI layer ioctl path there is no implicit permissions > check for > ioctls (and indeed other drivers implement unprivileged > ioctls). aacraid > however allows all sorts of very admin only things to be done > so should > check. > > Signed-off-by: Alan Cox <alan@xxxxxxxxxx> > > diff -u --new-file --recursive --exclude-from > /usr/src/exclude > linux.vanilla-2.6.23rc1/drivers/scsi/aacraid/linit.c > linux-2.6.23rc1/drivers/scsi/aacraid/linit.c > --- linux.vanilla-2.6.23rc1/drivers/scsi/aacraid/linit.c > 2007-07-23 12:56:12.000000000 +0100 > +++ linux-2.6.23rc1/drivers/scsi/aacraid/linit.c > 2007-07-23 12:57:45.000000000 +0100 > @@ -636,6 +636,8 @@ > static int aac_cfg_ioctl(struct inode *inode, struct file *file, > unsigned int cmd, unsigned long arg) > { > + if (!capable(CAP_SYS_ADMIN)) > + return -EPERM; > return aac_do_ioctl(file->private_data, cmd, (void > __user *)arg); > } > > @@ -689,6 +691,8 @@ > > static long aac_compat_cfg_ioctl(struct file *file, unsigned > cmd, unsigned long arg) > { > + if (!capable(CAP_SYS_ADMIN)) > + return -EPERM; > return aac_compat_do_ioctl((struct aac_dev > *)file->private_data, cmd, arg); > } > #endif > - - To unsubscribe from this list: send the line "unsubscribe linux-scsi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
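Review bot: The capable(CAP_SYS_ADMIN) test in the first hunk is added to aac_cfg_ioctl, while the commit message describes the gap as being on the SCSI layer ioctl path, and both hunks only patch the *_cfg_ioctl wrappers. Please confirm that no other ioctl entry point in linit.c reaches aac_do_ioctl or aac_compat_do_ioctl without this test. If one does, add the same check there, or move the check into aac_do_ioctl so that every caller inherits it and a later wrapper cannot forget it.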
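Review bot: In the second hunk the check at the top of aac_compat_cfg_ioctl runs before cmd is examined, so every command on this node now fails with -EPERM for a caller without CAP_SYS_ADMIN, including any command that only reads status. If that blanket policy is intended, a one-line comment above the check saying that all aacraid config ioctls are treated as admin-only would document it. The changelog should also mention that management tools run without that capability will start getting EPERM.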