Re: [Security] [PATCH 00/20] world-writable files in sysfs and debugfs

On Mon, 2011-03-14 at 20:09 -0700, Greg KH wrote: On Mon, Mar 14, 2011 at 10:26:05PM -0400, James Bottomley wrote: On Sat, 2011-03-12 at 23:23 +0300, Vasiliy Kulikov wrote: Vasiliy Kulikov (20): mach-ux500: mbox-db5500: world-writable sysfs fifo file leds: lp5521: world-writable

Re: [Security] [PATCH 00/20] world-writable files in sysfs and debugfs

On Tue, Mar 15, 2011 at 07:50:28AM -0400, James Bottomley wrote: On Mon, 2011-03-14 at 20:09 -0700, Greg KH wrote: On Mon, Mar 14, 2011 at 10:26:05PM -0400, James Bottomley wrote: On Sat, 2011-03-12 at 23:23 +0300, Vasiliy Kulikov wrote: Vasiliy Kulikov (20): mach-ux500:

Re: [Security] [PATCH 00/20] world-writable files in sysfs and debugfs

On Tue, 2011-03-15 at 07:18 -0700, Greg KH wrote: On Tue, Mar 15, 2011 at 07:50:28AM -0400, James Bottomley wrote: On Mon, 2011-03-14 at 20:09 -0700, Greg KH wrote: There are no capability checks on sysfs files right now, so these all need to be fixed. That statement is true but

Re: [Security] [PATCH 00/20] world-writable files in sysfs and debugfs

On Tue, Mar 15, 2011 at 07:50 -0400, James Bottomley wrote: 1. Did anyone actually check for capabilities before assuming world writeable files were wrong? I didn't check all these files as I haven't got these hardware :-) But as I can chmod a+w all sysfs files on my machine and

Re: [Security] [PATCH 00/20] world-writable files in sysfs and debugfs

On Tue, 2011-03-15 at 19:08 +0300, Vasiliy Kulikov wrote: On Tue, Mar 15, 2011 at 07:50 -0400, James Bottomley wrote: 1. Did anyone actually check for capabilities before assuming world writeable files were wrong? I didn't check all these files as I haven't got these hardware

Re: [Security] [PATCH 00/20] world-writable files in sysfs and debugfs

On Sat, 12 Mar 2011 23:23:06 +0300 Vasiliy Kulikov seg...@openwall.com wrote: Vasiliy Kulikov (20): mach-ux500: mbox-db5500: world-writable sysfs fifo file leds: lp5521: world-writable sysfs engine* files leds: lp5523: world-writable engine* sysfs files misc: ep93xx_pwm:

Re: [PATCH 00/20] world-writable files in sysfs and debugfs

On Sat, 2011-03-12 at 23:23 +0300, Vasiliy Kulikov wrote: Vasiliy Kulikov (20): mach-ux500: mbox-db5500: world-writable sysfs fifo file leds: lp5521: world-writable sysfs engine* files leds: lp5523: world-writable engine* sysfs files misc: ep93xx_pwm: world-writable sysfs files

Re: [Security] [PATCH 00/20] world-writable files in sysfs and debugfs

On Mon, Mar 14, 2011 at 10:26:05PM -0400, James Bottomley wrote: On Sat, 2011-03-12 at 23:23 +0300, Vasiliy Kulikov wrote: Vasiliy Kulikov (20): mach-ux500: mbox-db5500: world-writable sysfs fifo file leds: lp5521: world-writable sysfs engine* files leds: lp5523: world-writable

Re: [PATCH 00/20] world-writable files in sysfs and debugfs

Vasiliy Kulikov (20):  mach-ux500: mbox-db5500: world-writable sysfs fifo file  leds: lp5521: world-writable sysfs engine* files  leds: lp5523: world-writable engine* sysfs files  misc: ep93xx_pwm: world-writable sysfs files  rtc: rtc-ds1511: world-writable sysfs nvram file  scsi: aic94xx:

Re: [PATCH 00/20] world-writable files in sysfs and debugfs

Thanks, I've applied the x86 platform driver ones. -- Matthew Garrett | mj...@srcf.ucam.org -- To unsubscribe from this list: send the line unsubscribe linux-omap in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html

[PATCH 00/20] world-writable files in sysfs and debugfs

The search was made with trivial shell commands: find | xargs grep S_IWUGO find | xargs grep S_IWOTH I didn't precisely investigate how exactly one may damage the system/hardware because of issues number, maybe the harm is very limited in case of some of these drivers. One suspicious file is