[PATCH 1/7] procfs privacy: /proc/bus/pci

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This patch changes the permissions of the /proc/bus/pci directory entry,
so, non-root users are restricted of accessing it's content.

It's also available at:
http://pearls.tuxedo-es.org/patches/security/proc-privacy-1_drivers_pci_proc.c.patch

-- 
Lorenzo Hernández García-Hierro <[email protected]> 
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]
diff -puN drivers/pci/proc.c~proc-privacy-1 drivers/pci/proc.c
--- linux-2.6.11/drivers/pci/proc.c~proc-privacy-1	2005-04-17 17:50:49.033817704 +0200
+++ linux-2.6.11-lorenzo/drivers/pci/proc.c	2005-04-17 17:55:11.321943848 +0200
@@ -565,7 +565,7 @@ static struct file_operations proc_pci_o
 
 static void legacy_proc_init(void)
 {
-	struct proc_dir_entry * entry = create_proc_entry("pci", 0, NULL);
+	struct proc_dir_entry * entry = create_proc_entry("pci", S_IRUSR, NULL);
 	if (entry)
 		entry->proc_fops = &proc_pci_operations;
 }
@@ -594,7 +594,7 @@ static int __init pci_proc_init(void)
 {
 	struct proc_dir_entry *entry;
 	struct pci_dev *dev = NULL;
-	proc_bus_pci_dir = proc_mkdir("pci", proc_bus);
+	proc_bus_pci_dir = proc_mkdir_mode("pci", S_IRUSR | S_IXUSR, proc_bus);
 	entry = create_proc_entry("devices", 0, proc_bus_pci_dir);
 	if (entry)
 		entry->proc_fops = &proc_bus_pci_dev_operations;

Attachment: signature.asc
Description: This is a digitally signed message part


[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux