On Sat, 2005-08-20 at 10:30 -0700, Linus Torvalds wrote:
>
> On Sat, 20 Aug 2005, Miklos Szeredi wrote:
> >
> > My question is: is this deliberate or accidental? Wouldn't it be more
> > logical to not require any permission to open such file? Or is there
> > some security concern with that?
>
> It's deliberate but historical. It's been a long time since I worked on
> it, but it was meant for "special opens".
>
> I _think_ it was used for things like "open block device without media
> check" etc (we use O_NONBLOCK for that now), and it was used for directory
> opens before we had O_DIRECTORY. (It's literally been years, so my
> recollection may be bogus).
>
> I don't think anything uses it any more, and it should probably be
> deprecated rather than extended upon.
It may also be dangerous, since I see several drivers using
if ((filp->f_flags & O_ACCMODE) != RD_ONLY) {
/* do something assuming we have write access */
...
}
Perhaps that access mode may not allow for getting to code like this,
but, since it's so old, you may have those that forget about the 3 mode,
and we lose the protection somewhere along the line.
It probably be better to not allow for it. Or maybe an audit of such
code needs to be replaced with:
if (filp->f_mode & FMODE_WRITE) {
...
}
Just my $0.02
-- Steve
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
|
|