From: Bryn M. Reeves <[email protected]>
/sys/bus/pci/drivers/megaraid_sas/poll_mode_io defaults to being
world-writable, which seems bad (letting any user affect kernel driver
behavior).
This turns off group and user write permissions, so that on typical
production systems only root can write to it.
Signed-off-by: Bryn M. Reeves <[email protected]>
Signed-off-by: Casey Dahlin <[email protected]>
---
drivers/scsi/megaraid/megaraid_sas.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/drivers/scsi/megaraid/megaraid_sas.c b/drivers/scsi/megaraid/megaraid_sas.c
index a39addc..08a7f49 100644
--- a/drivers/scsi/megaraid/megaraid_sas.c
+++ b/drivers/scsi/megaraid/megaraid_sas.c
@@ -3451,7 +3451,7 @@ out:
return retval;
}
-static DRIVER_ATTR(poll_mode_io, S_IRUGO|S_IWUGO,
+static DRIVER_ATTR(poll_mode_io, S_IRUGO|S_IWUSR,
megasas_sysfs_show_poll_mode_io,
megasas_sysfs_set_poll_mode_io);
--
1.6.2.5
On 12/02/2009 11:17 PM, Casey Dahlin wrote:
> From: Bryn M. Reeves<[email protected]>
>
> /sys/bus/pci/drivers/megaraid_sas/poll_mode_io defaults to being
> world-writable, which seems bad (letting any user affect kernel driver
> behavior).
>
> This turns off group and user write permissions, so that on typical
> production systems only root can write to it.
>
> Signed-off-by: Bryn M. Reeves<[email protected]>
> Signed-off-by: Casey Dahlin<[email protected]>
CC: Eugene Teo <[email protected]>
The subject should read: megaraid_sas: remove poll_mode_io world
writeable permissions instead, and this has been assigned with
CVE-2009-3939.
Thanks, Eugene
--
Eugene Teo / Red Hat Security Response Team
How do you turn on poll_mode_io?
Thanks,
Bo Yang
________________________________________
From: Eugene Teo [[email protected]]
Sent: Wednesday, December 02, 2009 7:08 PM
To: Casey Dahlin
Cc: [email protected]; Bryn M. Reeves; DL-MegaRAID Linux; James E.J. Bottomley; Andrew Morton; Yang Hongyang; Anand Gadiyar; Jiri Kosina; [email protected]
Subject: Re: [PATCH] [SCSI] megaraid_sas: remove sysfs dbg_lvl world writeable permissions
On 12/02/2009 11:17 PM, Casey Dahlin wrote:
> From: Bryn M. Reeves<[email protected]>
>
> /sys/bus/pci/drivers/megaraid_sas/poll_mode_io defaults to being
> world-writable, which seems bad (letting any user affect kernel driver
> behavior).
>
> This turns off group and user write permissions, so that on typical
> production systems only root can write to it.
>
> Signed-off-by: Bryn M. Reeves<[email protected]>
> Signed-off-by: Casey Dahlin<[email protected]>
CC: Eugene Teo <[email protected]>
The subject should read: megaraid_sas: remove poll_mode_io world
writeable permissions instead, and this has been assigned with
CVE-2009-3939.
Thanks, Eugene
--
Eugene Teo / Red Hat Security Response Team-
On Thu, 2009-12-03 at 08:01 -0700, Yang, Bo wrote:
> How do you turn on poll_mode_io?
Write to the file as root?
Bryn.