From: Andrew Morton <akpm@linux-foundation.org>
To: Christoph Lameter <clameter@sgi.com>
Cc: arjan@infradead.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: Re: [1/2] vmalloc: Show vmalloced areas via /proc/vmallocinfo
Date: Fri, 21 Mar 2008 15:19:35 -0700 [thread overview]
Message-ID: <20080321151935.6a330536.akpm@linux-foundation.org> (raw)
In-Reply-To: <Pine.LNX.4.64.0803201141250.10592@schroedinger.engr.sgi.com>
On Thu, 20 Mar 2008 12:22:07 -0700 (PDT)
Christoph Lameter <clameter@sgi.com> wrote:
> On Wed, 19 Mar 2008, Arjan van de Ven wrote:
>
> > > + proc_create("vmallocinfo",S_IWUSR|S_IRUGO, NULL,
> > why should non-root be able to read this? sounds like a security issue (info leak) to me...
What is the security concern here? This objection is rather vague.
> Well I copied from the slabinfo logic (leaking info for slabs is okay?).
>
> Lets restrict it to root then:
>
>
>
> Subject: vmallocinfo: Only allow root to read /proc/vmallocinfo
>
> Change permissions for /proc/vmallocinfo to only allow read
> for root.
That makes the feature somewhat less useful. Let's think this through more
carefully - it is, after all, an unrevokable, unalterable addition to the
kernel ABI.
Arjan, what scenarios are you thinking about?
WARNING: multiple messages have this Message-ID (diff)
From: Andrew Morton <akpm@linux-foundation.org>
To: Christoph Lameter <clameter@sgi.com>
Cc: arjan@infradead.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org
Subject: Re: [1/2] vmalloc: Show vmalloced areas via /proc/vmallocinfo
Date: Fri, 21 Mar 2008 15:19:35 -0700 [thread overview]
Message-ID: <20080321151935.6a330536.akpm@linux-foundation.org> (raw)
In-Reply-To: <Pine.LNX.4.64.0803201141250.10592@schroedinger.engr.sgi.com>
On Thu, 20 Mar 2008 12:22:07 -0700 (PDT)
Christoph Lameter <clameter@sgi.com> wrote:
> On Wed, 19 Mar 2008, Arjan van de Ven wrote:
>
> > > + proc_create("vmallocinfo",S_IWUSR|S_IRUGO, NULL,
> > why should non-root be able to read this? sounds like a security issue (info leak) to me...
What is the security concern here? This objection is rather vague.
> Well I copied from the slabinfo logic (leaking info for slabs is okay?).
>
> Lets restrict it to root then:
>
>
>
> Subject: vmallocinfo: Only allow root to read /proc/vmallocinfo
>
> Change permissions for /proc/vmallocinfo to only allow read
> for root.
That makes the feature somewhat less useful. Let's think this through more
carefully - it is, after all, an unrevokable, unalterable addition to the
kernel ABI.
Arjan, what scenarios are you thinking about?
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2008-03-21 22:20 UTC|newest]
Thread overview: 56+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-03-18 22:27 [0/2] vmalloc: Add /proc/vmallocinfo to display mappings Christoph Lameter
2008-03-18 22:27 ` Christoph Lameter
2008-03-18 22:27 ` [1/2] vmalloc: Show vmalloced areas via /proc/vmallocinfo Christoph Lameter
2008-03-18 22:27 ` Christoph Lameter
2008-03-20 4:04 ` Arjan van de Ven
2008-03-20 4:04 ` Arjan van de Ven
2008-03-20 19:22 ` Christoph Lameter
2008-03-20 19:22 ` Christoph Lameter
2008-03-21 22:19 ` Andrew Morton [this message]
2008-03-21 22:19 ` Andrew Morton
2008-03-21 22:09 ` Alan Cox
2008-03-21 22:09 ` Alan Cox
2008-03-18 22:27 ` [2/2] vmallocinfo: Add caller information Christoph Lameter
2008-03-18 22:27 ` Christoph Lameter
2008-03-19 21:42 ` Ingo Molnar
2008-03-19 21:42 ` Ingo Molnar
2008-03-20 0:03 ` Christoph Lameter
2008-03-20 0:03 ` Christoph Lameter
2008-03-21 11:00 ` Ingo Molnar
2008-03-21 11:00 ` Ingo Molnar
2008-03-21 17:35 ` Christoph Lameter
2008-03-21 17:35 ` Christoph Lameter
2008-03-21 18:45 ` Ingo Molnar
2008-03-21 18:45 ` Ingo Molnar
2008-03-21 19:16 ` Christoph Lameter
2008-03-21 19:16 ` Christoph Lameter
2008-03-21 20:55 ` Ingo Molnar
2008-03-21 20:55 ` Ingo Molnar
2008-03-22 2:40 ` Mike Frysinger
2008-03-22 2:40 ` Mike Frysinger
2008-04-29 8:48 ` Ingo Molnar
2008-04-29 8:48 ` Ingo Molnar
2008-04-29 17:08 ` Christoph Lameter
2008-04-29 17:08 ` Christoph Lameter
2008-04-28 19:48 ` Arjan van de Ven
2008-04-28 19:48 ` Arjan van de Ven
2008-04-29 18:49 ` Christoph Lameter
2008-04-29 18:49 ` Christoph Lameter
2008-04-28 21:00 ` Arjan van de Ven
2008-04-28 21:00 ` Arjan van de Ven
2008-04-29 19:09 ` Christoph Lameter
2008-04-29 19:09 ` Christoph Lameter
2008-04-29 19:23 ` Pekka Enberg
2008-04-29 19:23 ` Pekka Enberg
2008-04-29 19:29 ` Pekka Enberg
2008-04-29 19:29 ` Pekka Enberg
2008-04-29 19:29 ` Ingo Molnar
2008-04-29 19:29 ` Ingo Molnar
2008-03-19 2:23 ` [0/2] vmalloc: Add /proc/vmallocinfo to display mappings KOSAKI Motohiro
2008-03-19 2:23 ` KOSAKI Motohiro
2008-03-19 22:07 ` Andrew Morton
2008-03-19 22:07 ` Andrew Morton
2008-03-19 23:33 ` Christoph Lameter
2008-03-19 23:33 ` Christoph Lameter
2008-03-20 7:43 ` KOSAKI Motohiro
2008-03-20 7:43 ` KOSAKI Motohiro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080321151935.6a330536.akpm@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=arjan@infradead.org \
--cc=clameter@sgi.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.