From: Kees Cook <kees.cook@canonical.com>
To: Dan Rosenberg <drosenberg@vsecurity.com>
Cc: linux-kernel@vger.kernel.org, torvalds@linux-foundation.org,
	mingo@elte.hu
Subject: Re: [PATCH v2] Restrict unprivileged access to kernel syslog
Date: Wed, 10 Nov 2010 08:32:45 -0800
Message-ID: <20101110163245.GM5876@outflux.net>
In-Reply-To: <1289348309.7380.31.camel@dan>

On Tue, Nov 09, 2010 at 07:18:29PM -0500, Dan Rosenberg wrote:
> The kernel syslog contains debugging information that is often useful
> during exploitation of other vulnerabilities, such as kernel heap
> addresses.  Rather than futilely attempt to sanitize hundreds (or
> thousands) of printk statements and simultaneously cripple useful
> debugging functionality, it is far simpler to create an option that
> prevents unprivileged users from reading the syslog.
> 
> This patch, loosely based on grsecurity's GRKERNSEC_DMESG, creates the
> dmesg_restrict sysctl.  When set to "0", the default, no restrictions
> are enforced.  When set to "1", only users with CAP_SYS_ADMIN can read
> the kernel syslog via dmesg(8) or other mechanisms.
> 
> v2 adds CONFIG_SECURITY_RESTRICT_DMESG.  When enabled, the default
> sysctl value is set to "1".  When disabled, the default sysctl value is
> set to "0".
> 
> Signed-off-by: Dan Rosenberg <drosenberg@vsecurity.com>
> CC: Linus Torvalds <torvalds@linux-foundation.org>
> CC: Ingo Molnar <mingo@elte.hu>
> CC: Kees Cook <kees.cook@canonical.com>
> CC: stable <stable@kernel.org>

Acked-by: Kees Cook <kees.cook@canonical.com>

As before, this looks fine and does the right thing with regard to /proc
access to the kernel log.

-- 
Kees Cook
Ubuntu Security Team
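An added audit helper for the sysctl the patch introduces (example code, not from the thread and not part of the kernel tree): it reports the configured dmesg_restrict value, checks what the calling user can actually read, and prints the persistent setting. The sysctl.d file name and the --audit flag are this script's own assumptions.

```shell
#!/bin/sh
# Added example, not kernel code: audit kernel.dmesg_restrict.
# Assumed conventions: the sysctl.d file name and the --audit flag.

SYSCTL_FILE=/proc/sys/kernel/dmesg_restrict

# dmesg_restrict_state [FILE]: prints "restricted" (value 1, only
# CAP_SYS_ADMIN may read the log), "open" (value 0, anyone may read) or
# "unknown" (file absent, e.g. a kernel without this sysctl, or an
# unexpected value). Exit status: 0 restricted, 1 open, 2 unknown.
dmesg_restrict_state() {
    file="${1:-$SYSCTL_FILE}"
    if [ ! -r "$file" ]; then
        echo unknown
        return 2
    fi
    value=$(tr -d '[:space:]' < "$file")
    case "$value" in
        1) echo restricted; return 0 ;;
        0) echo open;       return 1 ;;
        *) echo unknown;    return 2 ;;
    esac
}

# probe_log_read: empirical check from the calling user's point of view.
# With dmesg_restrict=1 and no CAP_SYS_ADMIN, dmesg(1) is denied (EPERM).
probe_log_read() {
    if dmesg >/dev/null 2>&1; then echo readable; else echo denied; fi
}

# sysctl_fragment: contents for /etc/sysctl.d/51-dmesg-restrict.conf
# (assumed name) so the setting survives a reboot.
sysctl_fragment() {
    printf '# Only CAP_SYS_ADMIN may read the kernel log\n'
    printf 'kernel.dmesg_restrict = 1\n'
}

# audit: configured value, observed behaviour, and the remediation
# whenever the kernel log is readable by unprivileged users.
audit() {
    state=$(dmesg_restrict_state "$SYSCTL_FILE") || true
    echo "dmesg_restrict: $state; log read by uid $(id -u): $(probe_log_read)"
    if [ "$state" != restricted ]; then
        echo "remediation: sysctl -w kernel.dmesg_restrict=1, then persist:"
        sysctl_fragment
    fi
}

case "${1:-}" in --audit) audit ;; esac
```

Run it as `sh audit.sh --audit` once as root and once as an ordinary user: with the sysctl at 1 the first run reports "readable" and the second "denied".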
