Re: [PATCH v3] scsi: require CAP_SYS_ADMIN to write to procfs interface

From: Aleksa Sarai
Date: Sun Nov 05 2017 - 00:05:03 EST

Next message: Gustavo A. R. Silva: "[PATCH] net/mlx5e/core/en_fs: fix pointer dereference after free in mlx5e_execute_l2_action"
Previous message: Chao Yu: "Re: [f2fs-dev] [PATCH 2/2] f2fs: stop all the operations by cp_error flag"
In reply to: Aleksa Sarai: "[PATCH v3] scsi: require CAP_SYS_ADMIN to write to procfs interface"
Next in thread: Greg KH: "Re: [PATCH v3] scsi: require CAP_SYS_ADMIN to write to procfs interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 11/05/2017 01:56 PM, Aleksa Sarai wrote:

Previously, the only capability effectively required to operate on the
/proc/scsi interface was CAP_DAC_OVERRIDE (or for some other files,
having an fsuid of GLOBAL_ROOT_UID was enough). This means that
semi-privileged processes could interfere with core components of a
system (such as causing a DoS by removing the underlying SCSI device of
the host's / mount).

An alternative to this patch would be to make the open(2) call fail, if you try to open it write-only or read-write. Not sure which would be preferred (should it be possible to pass /proc/scsi/scsi to a semi-privileged process to write to?).

--
Aleksa Sarai
Senior Software Engineer (Containers)
SUSE Linux GmbH
https://www.cyphar.com/

Next message: Gustavo A. R. Silva: "[PATCH] net/mlx5e/core/en_fs: fix pointer dereference after free in mlx5e_execute_l2_action"
Previous message: Chao Yu: "Re: [f2fs-dev] [PATCH 2/2] f2fs: stop all the operations by cp_error flag"
In reply to: Aleksa Sarai: "[PATCH v3] scsi: require CAP_SYS_ADMIN to write to procfs interface"
Next in thread: Greg KH: "Re: [PATCH v3] scsi: require CAP_SYS_ADMIN to write to procfs interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]