From: Radoslaw Szkodzinski (AstralStorm)
Subject: Re: [patch 1/2] [RFC] Simple tamper-proof device filesystem.
Date: Tue, 18 Dec 2007 16:22:28 +0100
Message-ID: <20071218162228.79f75395@astralstorm.puszkin.org>
References: <47650A4C.4000708@davidnewall.com> <200712170040.lBH0e6sf099887@www262.sakura.ne.jp> <54137.81.207.0.53.1197891890.squirrel@secure.samage.net> <200712171605.31084.a1426z@gawab.com>
In-Reply-To: <200712171605.31084.a1426z@gawab.com>
To: Al Boldi
Cc: "Indan Zupancic", "Tetsuo Handa", david@davidnewall.com, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

On Mon, 17 Dec 2007 16:05:31 +0300 Al Boldi wrote:
> Indan Zupancic wrote:
> > On Mon, December 17, 2007 01:40, Tetsuo Handa wrote:
> > I think you can better spend your time on read-only bind mounts.
>
> That would be too coarse.
>

Actually, who needs to create device nodes? Just prohibit everyone from creating them, except "installer" and "udev" personality.

This means removing CAP_MKNOD on a global scale.
(OTOH, both don't need CAP_SYS_ADMIN. Maybe udev needs CAP_SYS_MODULE...)

Now, stopping people from faking hotplug events is totally another story. Is that currently possible?
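The capability removal this reply proposes, shown as an added example that is not part of the thread: a process drops CAP_MKNOD from its own effective, permitted and inheritable sets with the raw capget/capset syscalls (no libcap) and then demonstrates that creating a character device node is refused with EPERM. The scratch path under /tmp and the use of the /dev/null major/minor numbers are assumptions of this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/syscall.h>
#include <sys/sysmacros.h>
#include <unistd.h>
#include <linux/capability.h>

/* Remove one capability from this process's effective, permitted and
 * inheritable sets via the raw capget/capset syscalls. Dropping a
 * capability never needs privilege. Returns 0 on success or errno. */
int drop_process_cap(int cap)
{
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[_LINUX_CAPABILITY_U32S_3];
    unsigned idx = cap / 32, bit = 1u << (cap % 32);

    if (syscall(SYS_capget, &hdr, data) != 0)
        return errno;
    data[idx].effective   &= ~bit;
    data[idx].permitted   &= ~bit;
    data[idx].inheritable &= ~bit;
    if (syscall(SYS_capset, &hdr, data) != 0)
        return errno;
    return 0;
}

/* Try to create a character device node (major 1, minor 3 = /dev/null).
 * Returns 0 if the kernel allowed it (the node is removed again) or errno;
 * without CAP_MKNOD the VFS refuses device nodes with EPERM. */
int try_mknod_chardev(const char *path)
{
    if (mknod(path, S_IFCHR | 0600, makedev(1, 3)) != 0)
        return errno;
    unlink(path);
    return 0;
}

int main(void)
{
    char path[64];
    snprintf(path, sizeof path, "/tmp/mknod-demo-%ld", (long)getpid()); /* constructed path */
    int before = try_mknod_chardev(path);
    int rc = drop_process_cap(CAP_MKNOD);
    int after = try_mknod_chardev(path);
    printf("before drop: %s\nafter drop:  %s (capset rc=%d)\n",
           before ? strerror(before) : "mknod allowed",
           after ? strerror(after) : "mknod allowed", rc);
    return after == EPERM ? 0 : 1;
}
```

Clearing the bit from the bounding set instead (prctl with PR_CAPBSET_DROP) only limits what later execve calls can regain, so a system-wide policy of the kind the reply describes would need both the process-set drop and the bounding-set drop applied early in boot.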