Re: [linux-usb-devel] Re: [Security] [vendor-sec] [BUG/PATCH/RFC] Oops while completing async USB via usbdevio

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

* Linus Torvalds ([email protected]) wrote:
> Here's a totally untested patch. It's guaranteed not to do the "right 
> thing", simply because it doesn't _use_ the uid/euid information. But it's 
> in the right kind of direction.
> 
> If you change the "kill_proc_info()" into a "kill_proc_info_as_uid()" 
> call, and add that to kernel/signal.c (which is basically kill_proc_info() 
> except it uses the passed-in uid/euid for the "check_kill_permission()" 
> tests instead), it should be correct.
> 
> As-is, it won't work, because it will use a _random_ uid (whatever is the 
> currently running process) for the kill permission. So this really is just 
> a "use this as a template" kind of patch, DO NOT APPLY!

Sorry, I missed the thread up to this, but this looks fundamentally
broken.  The kill_proc_info_as_uid() idea is not sufficient because more
than uid/euid are needed for permission check.  There's capabilities and
security labels.  Is there a reason not to do normal async here?

thanks,
-chris
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/
[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]
  Powered by Linux