The patch titled
Subject: sysctl: terminate strings also on \r
has been removed from the -mm tree. Its filename was
sysctl-terminate-strings-also-on-r.patch
This patch was dropped because it was nacked
------------------------------------------------------
From: Paul Wise <pabs3@xxxxxxxxxxxxx>
Subject: sysctl: terminate strings also on \r
This partially mitigates a common strategy used by attackers for hiding
the full contents of strings in procfs from naive sysadmins who use cat,
more or sysctl to inspect the contents of strings in procfs.
See http://www.jakoblell.com/blog/2014/05/07/hacking-contest-hiding-stuff-from-the-terminal/
[akpm@xxxxxxxxxxxxxxxxxxxx: add missing comment]
Signed-off-by: Paul Wise <pabs3@xxxxxxxxxxxxx>
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
Acked-by: Aaron Tomlin <atomlin@xxxxxxxxxx>
Acked-by: Paul E. McKenney <paulmck@xxxxxxxxxxxxxxxxxx>
Acked-by: David Rientjes <rientjes@xxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
kernel/sysctl.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff -puN kernel/sysctl.c~sysctl-terminate-strings-also-on-r kernel/sysctl.c
--- a/kernel/sysctl.c~sysctl-terminate-strings-also-on-r
+++ a/kernel/sysctl.c
@@ -1749,7 +1749,11 @@ static int _proc_do_string(char *data, i
while ((p - buffer) < *lenp && len < maxlen - 1) {
if (get_user(c, p++))
return -EFAULT;
- if (c == 0 || c == '\n')
+ /*
+ * \r terminates input to partially prevent attackers
+ * from hiding info from sysadmins who use cat
+ */
+ if (c == 0 || c == '\n' || c == '\r')
break;
data[len++] = c;
}
_
Patches currently in -mm which might be from pabs3@xxxxxxxxxxxxx are
--
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
