Hello,
On (08/10/17 13:36), Kees Cook wrote:
> Currently only DMESG and CONSOLE record types are protected, and it isn't
> obvious that they are using a capability check. Instead switch to explicit
> root directory mode of 0750 to keep files private by default. This will
> allow the removal of the capability check, which was non-obvious and
> forces a process to have possibly too much privilege
it's CAP_SYSLOG, isn't it? is it too much? does chgrp require less privileges?
-ss
> when simple post-boot chgrp for readers would be possible without it.
>
> Signed-off-by: Kees Cook <[email protected]>
> ---
> fs/pstore/inode.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/pstore/inode.c b/fs/pstore/inode.c
> index fefd22611cf6..f1e88b695090 100644
> --- a/fs/pstore/inode.c
> +++ b/fs/pstore/inode.c
> @@ -471,7 +471,7 @@ static int pstore_fill_super(struct super_block *sb, void
> *data, int silent)
>
> inode = pstore_get_inode(sb);
> if (inode) {
> - inode->i_mode = S_IFDIR | 0755;
> + inode->i_mode = S_IFDIR | 0750;
> inode->i_op = &pstore_dir_inode_operations;
> inode->i_fop = &simple_dir_operations;
> inc_nlink(inode);
> --
> 2.7.4
>
