[20/20] fs: ubifs: world-writable debugfs dump_* files

Message ID	cd575609cc07581a71ba925308d9d69c6e0c6d79.1296818921.git.segoon@openwall.com
State	Accepted
Commit	8c559d30b4e59cf6994215ada1fe744928f494bf
Headers	show Return-Path: <linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org> DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:from:to:cc:subject:date:message-id:x-mailer:in-reply-to :references; b=Vj/fl+YN5rtBUgeSy72/XuKPdnW1vjcll1JSpl55roTUYFcV9wEgPVf/Bc8UbnSIlL gNzoC5ldT/2PLpDfEnYvE6TmzR1VwYUDaJC3+noYCcrnSNc4p/kgnlPspJYldnw2ybIr GpguzJXlTH/vey8IohnbifOiBuD5H4NKchDUc= From: Vasiliy Kulikov <segoon@openwall.com> To: linux-kernel@vger.kernel.org Subject: [PATCH 20/20] fs: ubifs: world-writable debugfs dump_* files Date: Fri, 4 Feb 2011 15:24:19 +0300 Message-Id: <cd575609cc07581a71ba925308d9d69c6e0c6d79.1296818921.git.segoon@openwall.com> In-Reply-To: <cover.1296818921.git.segoon@openwall.com> References: <cover.1296818921.git.segoon@openwall.com> summary: Content analysis details: (-0.7 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at http://www.dnswl.org/, low trust [209.85.161.49 listed in list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is freemail (segooon[at]gmail.com) 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.0 T_TO_NO_BRKTS_FREEMAIL T_TO_NO_BRKTS_FREEMAIL Cc: security@kernel.org, Adrian Hunter <adrian.hunter@nokia.com>, linux-mtd@lists.infradead.org, Artem Bityutskiy <dedekind1@gmail.com> Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: linux-mtd-bounces@lists.infradead.org Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

Message ID

cd575609cc07581a71ba925308d9d69c6e0c6d79.1296818921.git.segoon@openwall.com

State

Accepted

Commit

8c559d30b4e59cf6994215ada1fe744928f494bf

Headers

DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
	h=sender:from:to:cc:subject:date:message-id:x-mailer:in-reply-to
	:references;
	b=Vj/fl+YN5rtBUgeSy72/XuKPdnW1vjcll1JSpl55roTUYFcV9wEgPVf/Bc8UbnSIlL
	gNzoC5ldT/2PLpDfEnYvE6TmzR1VwYUDaJC3+noYCcrnSNc4p/kgnlPspJYldnw2ybIr
	GpguzJXlTH/vey8IohnbifOiBuD5H4NKchDUc=
From: Vasiliy Kulikov <segoon@openwall.com>
To: linux-kernel@vger.kernel.org
Subject: [PATCH 20/20] fs: ubifs: world-writable debugfs dump_* files
Date: Fri,  4 Feb 2011 15:24:19 +0300
Message-Id: <cd575609cc07581a71ba925308d9d69c6e0c6d79.1296818921.git.segoon@openwall.com>
In-Reply-To: <cover.1296818921.git.segoon@openwall.com>
References: <cover.1296818921.git.segoon@openwall.com>
Cc: security@kernel.org, Adrian Hunter <adrian.hunter@nokia.com>,
	linux-mtd@lists.infradead.org, Artem Bityutskiy <dedekind1@gmail.com>
Precedence: list
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: linux-mtd-bounces@lists.infradead.org
Errors-To: linux-mtd-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org

Don't allow everybody to dump sensitive information about filesystems. Signed-off-by: Vasiliy Kulikov <segoon@openwall.com> --- Compile tested only. fs/ubifs/debug.c | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-)

Comments

Artem Bityutskiy Feb. 6, 2011, 3:16 p.m. UTC | #1

On Fri, 2011-02-04 at 15:24 +0300, Vasiliy Kulikov wrote:
> Don't allow everybody to dump sensitive information about filesystems.
> 
> Signed-off-by: Vasiliy Kulikov <segoon@openwall.com>

Good catch, thanks. I'll push this patch to the ubifs-2.6.git tree,
thanks!

diff --git a/fs/ubifs/debug.c b/fs/ubifs/debug.c
index 0bee4db..bcb1acb 100644
--- a/fs/ubifs/debug.c
+++ b/fs/ubifs/debug.c
@@ -2813,19 +2813,19 @@  int dbg_debugfs_init_fs(struct ubifs_info *c)
 	}
 
 	fname = "dump_lprops";
-	dent = debugfs_create_file(fname, S_IWUGO, d->dfs_dir, c, &dfs_fops);
+	dent = debugfs_create_file(fname, S_IWUSR, d->dfs_dir, c, &dfs_fops);
 	if (IS_ERR(dent))
 		goto out_remove;
 	d->dfs_dump_lprops = dent;
 
 	fname = "dump_budg";
-	dent = debugfs_create_file(fname, S_IWUGO, d->dfs_dir, c, &dfs_fops);
+	dent = debugfs_create_file(fname, S_IWUSR, d->dfs_dir, c, &dfs_fops);
 	if (IS_ERR(dent))
 		goto out_remove;
 	d->dfs_dump_budg = dent;
 
 	fname = "dump_tnc";
-	dent = debugfs_create_file(fname, S_IWUGO, d->dfs_dir, c, &dfs_fops);
+	dent = debugfs_create_file(fname, S_IWUSR, d->dfs_dir, c, &dfs_fops);
 	if (IS_ERR(dent))
 		goto out_remove;
 	d->dfs_dump_tnc = dent;

[20/20] fs: ubifs: world-writable debugfs dump_* files

Commit Message

Comments

Patch