The "read" (2) and "get unread count" (9) operations of sys_syslog() may
also be invoked through /proc/kmsg; however, /proc/kmsg also performs
security checks during open. Perform the same security check when these
operations are invoked through the syslog system call.
Currently this does not change the behavior - for cap_syslog() and
dummy_syslog() the "read" and "get unread count" operations are
identical to "open", and selinux_syslog() maps all of them to
SYSTEM__SYSLOG_MOD. The next patch will enable syslog read for normal
users, so that a process could open /proc/kmsg, then drop privileges and
continue reading kernel messages from the open file descriptor - then
the added check in sys_syslog() will catch attempts to read kernel
messages without having /proc/kmsg open.
Signed-off-by: Sergey Vlasov <[email protected]>
---
kernel/printk.c | 16 +++++++++++++++-
1 files changed, 15 insertions(+), 1 deletions(-)
diff --git a/kernel/printk.c b/kernel/printk.c
index 1149365..91c3f39 100644
--- a/kernel/printk.c
+++ b/kernel/printk.c
@@ -316,7 +316,21 @@ out:
asmlinkage long sys_syslog(int type, char __user *buf, int len)
{
- return do_syslog(type, buf, len);
+ int retval;
+
+ if ((type == 2) || (type == 9)) {
+ /*
+ * These operation can also be invoked through /proc/kmsg, but
+ * you need to have an open file descriptor for that. Make the
+ * syslog system call also require the syslog open permission.
+ */
+ retval = security_syslog(1);
+ if (retval)
+ goto out;
+ }
+ retval = do_syslog(type, buf, len);
+out:
+ return retval;
}
/*
--
1.4.3.3.gddcc6
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]