On Tue, Apr 9, 2013 at 8:48 AM, Josh Boyer <[email protected]> wrote: > The dmesg_restrict sysctl currently covers the syslog method for access > dmesg, however /dev/kmsg isn't covered by the same protections. Most > people haven't noticed because util-linux dmesg(1) defaults to using the > syslog method for access in older versions. With util-linux dmesg(1) > defaults to reading directly from /dev/kmsg. > > Fix this by reworking all of the access methods to use the > check_syslog_permissions function and adding checks to devkmsg_open and > devkmsg_read. > > This fixes https://bugzilla.redhat.com/show_bug.cgi?id=903192 > > Reported-by: Christian Kujau <[email protected]> > CC: [email protected] > Signed-off-by: Eric Paris <[email protected]> > Signed-off-by: Josh Boyer <[email protected]>
Thanks! Acked-by: Kees Cook <[email protected]> -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
