Re: User mounts could not use character conversions (libkiconv is just for roots)
On Wed, Dec 03, 2003 at 12:08:52PM +0600, Boris Popov wrote: Probably it is not a good idea to allow users to load kernel iconv tables because one can waste a lot of memory by loading of all possible conversion schemes. The better solution is to add some kind of preload ability which could be used on startup. I agree with this. - R. Imura ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to [EMAIL PROTECTED]
User mounts could not use character conversions (libkiconv is just for roots)
Hello, I have found, that user mounts using libkiconv.so (msdosfs, cd9660, ...) could not use character code conversions, beause writing to sysctl kern.iconv.add is allowed just for root. Personally, I have created small patch, which allows to change kern.iconv.add to anybody, so it does work for me. Does anybody know, if there are security drawbacks and if it can or can not be commited? Thanks. --- sys/libkern/iconv.c.origTue Dec 2 16:58:05 2003 +++ sys/libkern/iconv.c Tue Dec 2 16:59:57 2003 @@ -401,7 +401,8 @@ return error; } -SYSCTL_PROC(_kern_iconv, OID_AUTO, add, CTLFLAG_RW | CTLTYPE_OPAQUE, +SYSCTL_PROC(_kern_iconv, OID_AUTO, add, CTLFLAG_RW | CTLFLAG_ANYBODY + | CTLTYPE_OPAQUE, NULL, 0, iconv_sysctl_add, S,xlat, register charset pair); /* -- Rudolf Cejka cejkar at fit.vutbr.cz http://www.fit.vutbr.cz/~cejkar Brno University of Technology, Faculty of Information Technology Bozetechova 2, 612 66 Brno, Czech Republic ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: User mounts could not use character conversions (libkiconv is just for roots)
On Tue, Dec 02, 2003 at 05:38:05PM +0100, Rudolf Cejka wrote: I have found, that user mounts using libkiconv.so (msdosfs, cd9660, ...) could not use character code conversions, beause writing to sysctl kern.iconv.add is allowed just for root. Personally, I have created small patch, which allows to change kern.iconv.add to anybody, so it does work for me. Does anybody know, if there are security drawbacks and if it can or can not be commited? Probably it is not a good idea to allow users to load kernel iconv tables because one can waste a lot of memory by loading of all possible conversion schemes. The better solution is to add some kind of preload ability which could be used on startup. -- Boris Popov http://rbp.euro.ru ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to [EMAIL PROTECTED]
