Hello, I found several places performing mknod and mkdir operations without the proper security_inode_permission/mknod/mkdir checks. But I am not sure if it is that usbfs does not use LSM at all or there are real security violations.
One such example is as follows. In linux-2.6.21.5/drivers/usb/core/inode.c, function usbfs_mknod() accesses sensitive inode data structure, but is not authorized by a security check, at least in one of the call chains: usbfs_mknod <- usbfs_mkdir <- fs_create_by_name <- fs_create_file <- usbfs_add_device<- usbfs_notify Considering the mknod operation for many files systems, such as ext2, ext3, and jfs, is authorized by a security check via the vfs_mknod() function call, the missing checks in usbfs might be a problem. I'd appreciate any of your help! Thanks, Lin - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
