All of lore.kernel.org
 help / color / mirror / Atom feed
From: Dave Jones <davej@redhat.com>
To: Tim Waugh <twaugh@redhat.com>
Cc: linux-parport@lists.infradead.org,
	Linux Kernel <linux-kernel@vger.kernel.org>,
	Andrew Morton <akpm@osdl.org>
Subject: Re: [Linux-parport] Incorrect permissions on parport sysctls.
Date: Tue, 9 Aug 2005 11:53:44 -0400	[thread overview]
Message-ID: <20050809155344.GG5844@redhat.com> (raw)
In-Reply-To: <20050809101110.GN7718@redhat.com>

On Tue, Aug 09, 2005 at 11:11:10AM +0100, Tim Waugh wrote:
 > On Tue, Aug 09, 2005 at 12:44:41AM -0400, Dave Jones wrote:
 > 
 > > We have a bunch of 'probe' sysctl's in parport, which are
 > > readable. (world readable even). Make them write-only.
 > > Without this, sysctl -a will try to read these files.
 > 
 > ??
 > 
 > This change is wrong.  The probing happens at module load time, and
 > the IEEE 1284 device IDs are stored for later retrieval to user space
 > via these sysctls.
 > 
 > They are backed by read-only variables.  Reading does not trigger any
 > device interaction.
 > 
 > Make them 0400 if you think it's a security issue: but then,
 > /proc/ide/hda/model etc should also get the same treatment.

It wasn't a security related change.  As I mentioned above,
sysctl -a would fail to read them anyway when I last tried
(circa 2.6.9/10)

I'll try and reproduce without that patch later today.

		Dave


      reply	other threads:[~2005-08-09 15:54 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-08-09  4:44 Incorrect permissions on parport sysctls Dave Jones
2005-08-09  7:10 ` Jan Engelhardt
2005-08-09 10:11 ` [Linux-parport] " Tim Waugh
2005-08-09 15:53   ` Dave Jones [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20050809155344.GG5844@redhat.com \
    --to=davej@redhat.com \
    --cc=akpm@osdl.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-parport@lists.infradead.org \
    --cc=twaugh@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.