On Thu, 2009-05-14 at 22:50 +0200, Daniel Wagner wrote:
> > > data->debugfs_ps = debugfs_create_file("ps", 0666,
> > > data->debugfs, data,
> > > &hwsim_fops_ps);
> > > + data->debugfs_group = debugfs_create_file("group", 0666,
> > > + data->debugfs, data,
> > > + &hwsim_fops_group);
> >
> > Good thing this is a test module only... debugfs files with user access
> > permissions are a security risk. (a user can open the file and leave the
> > fd open, if root then rmmods future reads/writes to the fd by the user
> > crash the kernel)
>
> There isn't much we can do about that, right?
I generally just use 0600 to not allow regular users to open the files.
Maybe at some point, with the revoke() discussion, we'll actually get a
solution.
johannes
Attachment:
signature.asc
Description: This is a digitally signed message part
