On Wed, Oct 31, 2007 at 07:02:27PM -0500, Tan, Lin wrote: > Hello, > > I found several places performing mknod and mkdir operations without > the proper security_inode_permission/mknod/mkdir checks. But I am not > sure if it is that usbfs does not use LSM at all or there are real > security violations. > > One such example is as follows. > > In linux-2.6.21.5/drivers/usb/core/inode.c, function usbfs_mknod() > accesses sensitive inode data structure, but is not authorized by a > security check, at least in one of the call chains: usbfs_mknod <- > usbfs_mkdir <- fs_create_by_name <- fs_create_file <- > usbfs_add_device<- usbfs_notify > > Considering the mknod operation for many files systems, such as ext2, > ext3, and jfs, is authorized by a security check via the vfs_mknod() > function call, the missing checks in usbfs might be a problem.
As author of usbfs in its current implementation, I don't see where the problem is. Only the kernel itself creates files, no userspace process does, so there is no need to do any kind of security check, right? Do you see some way an unprivilidged user can create a device node in usbfs? thanks, greg k-h - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
