[PATCH 0/2] fs: set root dir perms

Kees Cook kees.cook at canonical.com
Tue Feb 22 19:58:54 UTC 2011


On Tue, Feb 22, 2011 at 12:50:43PM -0700, Tim Gardner wrote:
> On 02/22/2011 12:17 PM, Kees Cook wrote:
> >Hi Tim,
> >
> >On Tue, Feb 22, 2011 at 12:02:16PM -0700, Tim Gardner wrote:
> >>On 02/22/2011 11:28 AM, Kees Cook wrote:
> >>>With the continuing deluge of bugs in the "debug" filesystem, I would
> >>>like to make that filesystem's root directory mode 0700 by default since
> >>>it's filled with crazy stuff that regular users do not need to see.
> >>>
> >>>Better to try to just close the door completely on all the stuff in there.
> >>>It is, after all, supposed to only be used for debugging, right?
> >>>
> >>>
> >>
> >>On the surface this doesn't look too bad. However, I'd kind of like
> >>to let it cook upstream for a while. Your email on LKML has a fairly
> >>wide distribution, so the responses ought to be interesting.
> >
> >Oh, er, I thought it was best to get it into Natty ASAP so that we could
> >shake out any obvious glitches it causes. That was the impression apw gave
> >me, anyway.
> >
> >-Kees
> >
> 
> Perhaps, while some of this is shaking out upstream, we ought to
> take a closer look at not leaving debugfs mounted, e.g., umount it
> after ureadahead is done. Anyone using ftrace is likely savvy enough
> to know how to mount debugfs when they need it.

I think ureadahead already uses a private copy of debugfs in
/var/lib/ureadahead/debugfs. I think we should just not mount debugfs at
all (though we still need to keep acpi/custom_method commented out at least
until this[1] is taken).

-Kees

[1] https://lkml.org/lkml/2011/2/22/369

-- 
Kees Cook
Ubuntu Security Team



