Re: [security]: kernel ioctl()'s [3]

Alexander Viro (viro@math.psu.edu)
Thu, 1 Jul 1999 19:53:18 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: David Ford: "Re: [security]: kernel ioctl()'s [3]"
Previous message: Chris Evans: "[RFC] [PATCH] [SECURITY] tightening ioctl()'s"

On Fri, 2 Jul 1999, Chris Evans wrote:

> Because programs running as root assume
>
> open("blah", O_RDWR)
> write(blah)
>
> will work.

Take a program running as root. Take a CD. Mount it. root is *not*
guaranteed to have everything writable.

> They do NOT expect to have to
>
> open("blah", O_RDWR)
> if (-EPERM)
> chflags("blah", immutable off)
> open("blah", O_RDWR)

Indeed. Case when it would matter, please? Notice that all derivatives of
4.4BSD have independent system and user flags. If you can find security
problems with that - share, I would like to look at the reaction of Theo ;-)

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: David Ford: "Re: [security]: kernel ioctl()'s [3]"
Previous message: Chris Evans: "[RFC] [PATCH] [SECURITY] tightening ioctl()'s"