Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Thu, 17 Oct 2002 08:33:29 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Thu, 17 Oct 2002 08:33:29 -0400 Received: from cerebus.wirex.com ([65.102.14.138]:59384 "EHLO figure1.int.wirex.com") by vger.kernel.org with ESMTP id ; Thu, 17 Oct 2002 08:33:26 -0400 Date: Thu, 17 Oct 2002 05:30:14 -0700 From: Chris Wright To: Olaf Dietsche Cc: torvalds@transmeta.com, linux-kernel@vger.kernel.org Subject: Re: [PATCH][RFC] 2.5.42: remove capable(CAP_SYS_RAWIO) check from open_kmem Message-ID: <20021017053014.C26442@figure1.int.wirex.com> Mail-Followup-To: Olaf Dietsche , torvalds@transmeta.com, linux-kernel@vger.kernel.org References: <87smza1p7f.fsf@goat.bogus.local> <87bs5tba9j.fsf@goat.bogus.local> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <87bs5tba9j.fsf@goat.bogus.local>; from olaf.dietsche#list.linux-kernel@t-online.de on Thu, Oct 17, 2002 at 01:00:24PM +0200 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1334 Lines: 34 * Olaf Dietsche (olaf.dietsche#list.linux-kernel@t-online.de) wrote: > Olaf Dietsche writes: > > > In drivers/char/mem.c there's open_port(), which is used as open_mem() > > and open_kmem() as well. I don't see the benefit of this, since > > /dev/mem and /dev/kmem are already protected by filesystem > > permissions. > > > > mem.c, line 526: > > static int open_port(struct inode * inode, struct file * filp) > > { > > return capable(CAP_SYS_RAWIO) ? 0 : -EPERM; > > } > > > > If anyone knows, why this is done this way, please let me > > know. Otherwise, I suggest the patch below. > > I haven't got a convincing answer against this patch, so far. The > patch applies to 2.5.43 as well. > Linus, please apply. No way. This is clearly a bad idea. CAP_SYS_RAWIO should be treated very seriously, look at what it enables. CAP_DAC_OVERRIDE is substantially less powerful, and if you remove this check, it would be the only capability protecting this. -chris -- Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/