changing perms on /sys/kernel/debug by default

Bryce Harrington bryce at canonical.com
Tue Feb 22 23:37:27 UTC 2011


On Tue, Feb 22, 2011 at 03:16:39PM -0800, Kees Cook wrote:
> Hi,
> 
> While I'd like to just not compile debugfs into the Ubuntu kernels at all,
> it seems that there is a fair bit of push-back on this idea. Instead, the
> dangerous /sys/kernel/debug/acpi/custom_method interface has been removed
> as the most problematic of all the interfaces (it allows writing arbitrary
> kernel memory, bypassing /dev/kmem, /dev/mem, and module restrictions).
> 
> Since debugfs should not be required for a production system[1], I'd like
> to remove it from mountall's default fstab. To get there, the first step is
> to make /sys/kernel/debug only accessible by the root user. Unfortunately,
> it does not take a "mode=" mount option like tmpfs does, so mountall has
> been adjusted[2] to set the mode after mounting instead.
> 
>  - intel_gpu_dump
>     Manpage states it should only be run as root.
> 
>  * xserver-xorg-video-intel
>     Apport hook (should be updated to use root privs).

I believe it does already, no?  It gets triggered by the kernel via an
upstart hook.

Due to the nature of GPU lockups, we can't prompt the user for root
password or something at the point it gets triggered; the system's
locked up.

We get the majority of our value out of the apport hook during
development.  So if you wanted to make debugfs be enabled only during
release, and switch it off after beta, we could work with that.

Bryce
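
The change discussed above (debugfs has no "mode=" mount option, so the mode is set after mounting) can be audited from userspace. The script below is an added example, not code from this thread or from mountall: it reads a /proc/mounts-format file and flags any debugfs mount point that still has group or other permission bits. The function name audit_debugfs_mounts is hypothetical, GNU stat is assumed, and the demo uses a constructed temporary directory as a stand-in for /sys/kernel/debug.

```shell
#!/bin/sh
# Added example (not from the thread): audit debugfs mount points for
# non-root access. Input uses the /proc/mounts layout:
#   device mountpoint fstype options dump pass

# Prints "<STATUS> <mode> <mountpoint>" per debugfs entry in file $1.
# Returns 0 only if every mount point has no group/other permission bits.
audit_debugfs_mounts() {
    mounts_file=${1:-/proc/mounts}
    rc=0
    while read -r _dev mnt fstype _rest; do
        [ "$fstype" = "debugfs" ] || continue
        # The kernel escapes spaces and similar as octal (\040); decode first.
        mnt=$(printf '%b' "$mnt")
        # stat -c is GNU coreutils syntax (assumption: Linux userland).
        if ! mode=$(stat -c '%a' "$mnt" 2>/dev/null); then
            echo "UNKNOWN - $mnt"; rc=1; continue
        fi
        if [ $(( 0$mode & 077 )) -eq 0 ]; then
            echo "OK $mode $mnt"
        else
            echo "WEAK $mode $mnt"; rc=1
        fi
    done < "$mounts_file"
    return "$rc"
}

# Demo on constructed data: a temp directory stands in for /sys/kernel/debug.
demo_dir=$(mktemp -d)
mkdir -m 0755 "$demo_dir/debug"
printf 'none %s debugfs rw,relatime 0 0\n' "$demo_dir/debug" > "$demo_dir/mounts"
audit_debugfs_mounts "$demo_dir/mounts" || echo "debugfs reachable by non-root"
chmod 0700 "$demo_dir/debug"      # mode set after mounting, as in the thread
audit_debugfs_mounts "$demo_dir/mounts" && echo "debugfs is root-only"
rm -rf "$demo_dir"
```

Called with no argument, the function reads the live /proc/mounts.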

More information about the ubuntu-devel mailing list