Re: sticky bits in /proc etc
On Wed, Jun 10, 2020 at 9:37 PM Valdis Klētnieks wrote: > > On Wed, 10 Jun 2020 08:24:17 -0600, jim.cro...@gmail.com said: > > Id like to ask about a possible new use for file and directory sticky bits, > > or setuid bits, to address the root-only use of /proc (etc) files > > The sticky bit and setuid/gid bits already have meanings for directories, > and changing the semantics will break existing code. > ok, Id more or less expected this. the only escape might have been that those meanings pertain to a "real" FS, and might be irrelevant to a synthetic/virtual fs like /proc or /sys > > this needs root > > > > echo module kvm +p > /proc/dynamic_debug/control > > > > how about this ? > > > > cat root-owned-readonly-file > /proc/dynamic_debug/control > > Nope, doesn't work that way, because the file in /proc has no way to tell that > it's cat doing it from a root-owned file, versus cat doing it from a > hacker-owned file. As far as the /proc file is concerned, the "echo" and "cat" > commands are identical. > > If you have an actual need for non-root users to do this, there's always the > fact that 'sudo' can be restricted to specific commands for the user, and/or > the use of set-UID helper programs that validate the request and then issue it > on the user's behalf. > I have no actual need, more just wondering aloud. thanks Jim ___ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
Re: sticky bits in /proc etc
On Wed, 10 Jun 2020 08:24:17 -0600, jim.cro...@gmail.com said: > Id like to ask about a possible new use for file and directory sticky bits, > or setuid bits, to address the root-only use of /proc (etc) files The sticky bit and setuid/gid bits already have meanings for directories, and changing the semantics will break existing code. > this needs root > > echo module kvm +p > /proc/dynamic_debug/control > > how about this ? > > cat root-owned-readonly-file > /proc/dynamic_debug/control Nope, doesn't work that way, because the file in /proc has no way to tell that it's cat doing it from a root-owned file, versus cat doing it from a hacker-owned file. As far as the /proc file is concerned, the "echo" and "cat" commands are identical. If you have an actual need for non-root users to do this, there's always the fact that 'sudo' can be restricted to specific commands for the user, and/or the use of set-UID helper programs that validate the request and then issue it on the user's behalf. pgpkeY2T0ncEp.pgp Description: PGP signature ___ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
sticky bits in /proc etc
Id like to ask about a possible new use for file and directory sticky bits, or setuid bits, to address the root-only use of /proc (etc) files this needs root echo module kvm +p > /proc/dynamic_debug/control how about this ? cat root-owned-readonly-file > /proc/dynamic_debug/control the root-owned-file can define a fixed set of dprintk enablements, and since its ro, its contents are controlled. is there some combination of special-bits on the source (ro root owned) and destination (root owned) that could safely allow joe-user to cat that file into control ? If it could fit here, it might then be a general workaround to root-shell access for /proc /sys manipulations ___ Kernelnewbies mailing list Kernelnewbies@kernelnewbies.org https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies