Re: [patch] make root_plug more useful via whitelist

[Chris Wright]

* Fred Emmott (mail@xxxxxxxxxxxxxxxx) wrote:
> patch: http://fredemmott.co.uk/files/rp.patch
> 
> This adds a whitelist of programs such as /bin/login and /sbin/agetty which 
> may be ran as root without the USB device prescent. It also includes my 
> earlier patch to check the USB device's serial number as well as 
> vendor/product.
> 
> This is not meant for inclusion; I'd appreciate comments on anything I've done 
> wrong, and suggestions on how to make it distribution neutral (at the moment 
> it probably only works correctly on slackware) - I'm thinking of adding a 
> security/root_plug_relax/ directory containing files such as "slackware.h" 
> "redhat.h" etc.

There's a couple of problems here.  First, the serial number thing
should be done differently.  The serial number should be spcecified by
a module parameter, and just store it as u8 and do direct compare (this
will eliminate the unecessary kmalloc, and the subsequent memory leak
you introduced).  Second, the relax stuff should not be done via config
parameters.  It, of course, undermines the point of the module, but if
you want to do it, make it done via userspace writing to some exposed fs
(e.g.. echo /usr/bin/foo > ..../relax).  Finally, do the lookup there,
and then keep your whitelist as inode based, not pathname based.

thanks,
-chris
-- 
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/