From: Sarah Newman <srn@prgmr.com>
To: Karel Zak <kzak@redhat.com>
Cc: kerolasa@gmail.com, Tilman Schmidt <tilman@imap.cc>,
"Wayne R. Roth" <wayneroth42@gmail.com>,
util-linux <util-linux@vger.kernel.org>
Subject: Re: [PATCH] mkswap: Add warnings for insecure device permissions/owners
Date: Tue, 26 Jan 2016 08:28:35 -0800 [thread overview]
Message-ID: <56A79EB3.8040002@prgmr.com> (raw)
In-Reply-To: <20160126104204.sls4bbcxocoscbcc@ws.net.home>
On 01/26/2016 02:42 AM, Karel Zak wrote:
> On Sun, Jan 24, 2016 at 11:09:47AM +0000, Sami Kerola wrote:
>> On 23 January 2016 at 16:22, Karel Zak <kzak@redhat.com> wrote:
>>> On Fri, Jan 22, 2016 at 10:03:47PM +0000, Sami Kerola wrote:
>>>> Alternatively one could make swapon to get rid of all permission bits
>>>> and set ownership to UID 0 by default when ever it activates a
>>>> swapfile. How about that.
>>>
>>> Not sure if want to change any permissions on the fly, it would be
>>> better to reject files (by swapon) with insecure permissions and
>>> require something like --force for crazy users who wants to ignore
>>> this problem.
>>
>> Why not completely optional?
>>
>> $ swapon --path-permissions [ignore|complain|stop|fix]
>
> I don't think we want to merge another functionality to swapon. The
> warnings are enough. For the rest we have ch{own,mod}.
>
> Let's Keep It Simple and Stupid. We all love kisses, right? :-)
Hi Karel,
Your original suggestion for swapon to require '--force' for insecure permissions seems like the most sane thing to do - it protects the user without
adding a lot of knobs. Presumably there would need to a "force" option for fstab too.
But implementing that without advance notice could lead to broken systems. Maybe it would make sense to add the --force option now and change the
warning to indicate that in future versions of swapon, insecure permissions used without --force will be rejected. Then in a couple of years actually
implement that change.
If you agree this is sane behavior appropriate for upstream, I'll get you a patch for swapon.
--Sarah
next prev parent reply other threads:[~2016-01-26 16:28 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-19 18:37 [PATCH] mkswap: Add warnings for insecure device permissions/owners Wayne R. Roth
2016-01-19 19:44 ` Mike Frysinger
2016-01-20 4:17 ` [PATCH] mkswap: Add warnings for insecure device permissions/owners Logic modified from sys-utils/swapon.c Wayne R. Roth
2016-01-20 4:58 ` Mike Frysinger
2016-01-20 6:09 ` [PATCH] mkswap: add " Wayne R. Roth
2016-01-26 10:35 ` Karel Zak
2016-01-20 9:39 ` [PATCH] mkswap: Add warnings for insecure device permissions/owners Sami Kerola
2016-01-20 10:30 ` Karel Zak
2016-01-21 22:19 ` Sarah Newman
2016-01-22 16:01 ` Tilman Schmidt
2016-01-22 19:14 ` Sarah Newman
2016-01-22 22:03 ` Sami Kerola
2016-01-23 16:22 ` Karel Zak
2016-01-24 11:09 ` Sami Kerola
2016-01-25 19:55 ` Sami Kerola
2016-01-26 10:42 ` Karel Zak
2016-01-26 16:28 ` Sarah Newman [this message]
2016-01-25 21:39 ` Sarah Newman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56A79EB3.8040002@prgmr.com \
--to=srn@prgmr.com \
--cc=kerolasa@gmail.com \
--cc=kzak@redhat.com \
--cc=tilman@imap.cc \
--cc=util-linux@vger.kernel.org \
--cc=wayneroth42@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.