From: Or Gerlitz <ogerlitz-smomgflXvOZWk0Htik3J/w@public.gmane.org>
To: Roland Dreier <rdreier-FYB4Gu1CFyUAvxtiuMwx3w@public.gmane.org>
Cc: linux-rdma-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: sysfs IPoIB root owned writable files
Date: Thu, 24 Jun 2010 09:15:40 +0300 [thread overview]
Message-ID: <4C22F80C.90000@voltaire.com> (raw)
In-Reply-To: <4C0B2B24.6020304-hKgKHo2Ms0FWk0Htik3J/w@public.gmane.org>
>> the following files created under /sys which are world writeable
>> /sys/class/net/ib0/delete_child /sys/class/net/ib0/create_child
>> At least the create_child & delete_child files appear to be dangerous to leave as world writeable because they result in resources allocations.
Roland,
If I see a patch in linux-rdma patchwork, e.g
https://patchwork.kernel.org/patch/104502 with the below patch, does
this mean it will get to be reviewed/merged towards 2.6.36, or you
prefer a reminder on the list?
Or.
> Yes, this looks bad. The below patch fixes that, I tested it on 2.6.35-rc1
>
> [PATCH] make ipoib child entries non-world writable
>
> Sumeet Lahorani <sumeet.lahorani-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org> reported that the ipoib
> child entries are world writable, fix them to be root only writable
>
> Signed-off-by: Or Gerlitz <ogerlitz-smomgflXvOZWk0Htik3J/w@public.gmane.org>
>
> diff --git a/drivers/infiniband/ulp/ipoib/ipoib_main.c b/drivers/infiniband/ulp/ipoib/ipoib_main.c
> index df3eb8c..b4b2257 100644
> --- a/drivers/infiniband/ulp/ipoib/ipoib_main.c
> +++ b/drivers/infiniband/ulp/ipoib/ipoib_main.c
> @@ -1163,7 +1163,7 @@ static ssize_t create_child(struct device *dev,
>
> return ret ? ret : count;
> }
> -static DEVICE_ATTR(create_child, S_IWUGO, NULL, create_child);
> +static DEVICE_ATTR(create_child, S_IWUSR, NULL, create_child);
>
> static ssize_t delete_child(struct device *dev,
> struct device_attribute *attr,
> @@ -1183,7 +1183,7 @@ static ssize_t delete_child(struct device *dev,
> return ret ? ret : count;
>
> }
> -static DEVICE_ATTR(delete_child, S_IWUGO, NULL, delete_child);
> +static DEVICE_ATTR(delete_child, S_IWUSR, NULL, delete_child);
>
> int ipoib_add_pkey_attr(struct net_device *dev)
> {
--
To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2010-06-24 6:15 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-06-03 21:58 root owned writeable files under /sys Sumeet Lahorani
[not found] ` <4C082598.8000809-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>
2010-06-06 4:59 ` Or Gerlitz
[not found] ` <4C0B2B24.6020304-hKgKHo2Ms0FWk0Htik3J/w@public.gmane.org>
2010-06-06 16:08 ` Sumeet Lahorani
[not found] ` <4C0BC819.1060201-QHcLZuEGTsvQT0dZR+AlfA@public.gmane.org>
2010-06-07 4:56 ` Or Gerlitz
2010-06-08 9:10 ` Eli Cohen
[not found] ` <AANLkTikpFbgHyXoeQQt5wU4WkpbXQnqXUYRoy718qSuW-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2010-06-09 7:20 ` Sumeet Lahorani
2010-07-07 5:42 ` root owned writable " Or Gerlitz
[not found] ` <4C3413BD.5030008-hKgKHo2Ms0FWk0Htik3J/w@public.gmane.org>
2010-07-07 11:25 ` Tziporet Koren
[not found] ` <E113D394D7C5DB4F8FF691FA7EE9DB443A943033CD-WQlSmcKwN8Te+A/uUDamNg@public.gmane.org>
2010-07-07 11:46 ` Or Gerlitz
2010-07-18 14:03 ` Jack Morgenstein
[not found] ` <E113D394D7C5DB4F8FF691FA7EE9DB443B38B99C02-WQlSmcKwN8Te+A/uUDamNg@public.gmane.org>
2010-07-18 16:49 ` Or Gerlitz
[not found] ` <4C43309E.4020001-hKgKHo2Ms0FWk0Htik3J/w@public.gmane.org>
2010-11-18 9:55 ` Or Gerlitz
[not found] ` <4CE4F811.2010006-hKgKHo2Ms0FWk0Htik3J/w@public.gmane.org>
2010-11-18 12:59 ` Jack Morgenstein
[not found] ` <E113D394D7C5DB4F8FF691FA7EE9DB443D1BDCA193-WQlSmcKwN8Te+A/uUDamNg@public.gmane.org>
2010-11-18 13:03 ` Or Gerlitz
[not found] ` <4CE5241A.20400-hKgKHo2Ms0FWk0Htik3J/w@public.gmane.org>
2010-11-18 13:23 ` Tziporet Koren
2010-06-24 6:15 ` Or Gerlitz [this message]
2010-07-06 21:24 ` root owned writeable " Roland Dreier
[not found] ` <adaaaq4mhhd.fsf-BjVyx320WGW9gfZ95n9DRSW4+XlvGpQz@public.gmane.org>
2010-07-07 14:48 ` Or Gerlitz
[not found] ` <AANLkTimCsfv06uHec5bA-PNJVL2ghdZCycyn1w8HybNe-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2010-07-07 15:19 ` Roland Dreier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4C22F80C.90000@voltaire.com \
--to=ogerlitz-smomgflxvozwk0htik3j/w@public.gmane.org \
--cc=linux-rdma-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=rdreier-FYB4Gu1CFyUAvxtiuMwx3w@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.