public inbox for linux-scsi@vger.kernel.org
* [PATCH] [SCSI] megaraid_sas: remove sysfs dbg_lvl world writeable permissions
@ 2009-12-02 15:17 Casey Dahlin
  2009-12-03  0:08 ` Eugene Teo
  0 siblings, 1 reply; 4+ messages in thread
From: Casey Dahlin @ 2009-12-02 15:17 UTC (permalink / raw)
  To: linux-kernel
  Cc: eteo, Bryn M. Reeves, Casey Dahlin, Neela Syam Kolli,
	James E.J. Bottomley, Andrew Morton, Yang Hongyang, Anand Gadiyar,
	Jiri Kosina, linux-scsi

From: Bryn M. Reeves <bmr@redhat.com>

/sys/bus/pci/drivers/megaraid_sas/poll_mode_io defaults to being
world-writable, which seems bad (letting any user affect kernel driver
behavior).

This turns off group and user write permissions, so that on typical
production systems only root can write to it.

Signed-off-by: Bryn M. Reeves <bmr@redhat.com>
Signed-off-by: Casey Dahlin <cdahlin@redhat.com>
---
 drivers/scsi/megaraid/megaraid_sas.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/drivers/scsi/megaraid/megaraid_sas.c b/drivers/scsi/megaraid/megaraid_sas.c
index a39addc..08a7f49 100644
--- a/drivers/scsi/megaraid/megaraid_sas.c
+++ b/drivers/scsi/megaraid/megaraid_sas.c
@@ -3451,7 +3451,7 @@ out:
 	return retval;
 }
 
-static DRIVER_ATTR(poll_mode_io, S_IRUGO|S_IWUGO,
+static DRIVER_ATTR(poll_mode_io, S_IRUGO|S_IWUSR,
 		megasas_sysfs_show_poll_mode_io,
 		megasas_sysfs_set_poll_mode_io);
 
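Review bot: The wording around the changed DRIVER_ATTR line does not match what the new mode does. S_IRUGO|S_IWUSR keeps owner write and drops group and other write, while the description says it "turns off group and user write permissions"; suggest "group and other write permissions". The subject also names dbg_lvl although the attribute touched here is poll_mode_io. If dbg_lvl is declared with the same S_IWUGO mode elsewhere in this file, this hunk does not cover it and it would need the same change.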
-- 
1.6.2.5



* Re: [PATCH] [SCSI] megaraid_sas: remove sysfs dbg_lvl world writeable permissions
  2009-12-02 15:17 [PATCH] [SCSI] megaraid_sas: remove sysfs dbg_lvl world writeable permissions Casey Dahlin
@ 2009-12-03  0:08 ` Eugene Teo
  2009-12-03 15:01   ` Yang, Bo
  0 siblings, 1 reply; 4+ messages in thread
From: Eugene Teo @ 2009-12-03  0:08 UTC (permalink / raw)
  To: Casey Dahlin
  Cc: linux-kernel, Bryn M. Reeves, Neela Syam Kolli,
	James E.J. Bottomley, Andrew Morton, Yang Hongyang, Anand Gadiyar,
	Jiri Kosina, linux-scsi

On 12/02/2009 11:17 PM, Casey Dahlin wrote:
> From: Bryn M. Reeves<bmr@redhat.com>
>
> /sys/bus/pci/drivers/megaraid_sas/poll_mode_io defaults to being
> world-writable, which seems bad (letting any user affect kernel driver
> behavior).
>
> This turns off group and user write permissions, so that on typical
> production systems only root can write to it.
>
> Signed-off-by: Bryn M. Reeves<bmr@redhat.com>
> Signed-off-by: Casey Dahlin<cdahlin@redhat.com>

CC: Eugene Teo <eteo@redhat.com>

The subject should read: megaraid_sas: remove poll_mode_io world 
writeable permissions instead, and this has been assigned with 
CVE-2009-3939.

Thanks, Eugene
-- 
Eugene Teo / Red Hat Security Response Team


* RE: [PATCH] [SCSI] megaraid_sas: remove sysfs dbg_lvl world writeable permissions
  2009-12-03  0:08 ` Eugene Teo
@ 2009-12-03 15:01   ` Yang, Bo
  2009-12-04 13:38     ` Bryn M. Reeves
  0 siblings, 1 reply; 4+ messages in thread
From: Yang, Bo @ 2009-12-03 15:01 UTC (permalink / raw)
  To: Eugene Teo, Casey Dahlin
  Cc: linux-kernel@vger.kernel.org, Bryn M. Reeves, DL-MegaRAID Linux,
	James E.J. Bottomley, Andrew Morton, Yang Hongyang, Anand Gadiyar,
	Jiri Kosina, linux-scsi@vger.kernel.org

How do you turn on poll_mode_io?

Thanks,

Bo Yang

________________________________________
From: Eugene Teo [eteo@redhat.com]
Sent: Wednesday, December 02, 2009 7:08 PM
To: Casey Dahlin
Cc: linux-kernel@vger.kernel.org; Bryn M. Reeves; DL-MegaRAID Linux; James E.J. Bottomley; Andrew Morton; Yang Hongyang; Anand Gadiyar; Jiri Kosina; linux-scsi@vger.kernel.org
Subject: Re: [PATCH] [SCSI] megaraid_sas: remove sysfs dbg_lvl world writeable permissions

On 12/02/2009 11:17 PM, Casey Dahlin wrote:
> From: Bryn M. Reeves<bmr@redhat.com>
>
> /sys/bus/pci/drivers/megaraid_sas/poll_mode_io defaults to being
> world-writable, which seems bad (letting any user affect kernel driver
> behavior).
>
> This turns off group and user write permissions, so that on typical
> production systems only root can write to it.
>
> Signed-off-by: Bryn M. Reeves<bmr@redhat.com>
> Signed-off-by: Casey Dahlin<cdahlin@redhat.com>

CC: Eugene Teo <eteo@redhat.com>

The subject should read: megaraid_sas: remove poll_mode_io world
writeable permissions instead, and this has been assigned with
CVE-2009-3939.

Thanks, Eugene
--
Eugene Teo / Red Hat Security Response Team


* RE: [PATCH] [SCSI] megaraid_sas: remove sysfs dbg_lvl world writeable permissions
  2009-12-03 15:01   ` Yang, Bo
@ 2009-12-04 13:38     ` Bryn M. Reeves
  0 siblings, 0 replies; 4+ messages in thread
From: Bryn M. Reeves @ 2009-12-04 13:38 UTC (permalink / raw)
  To: Yang, Bo
  Cc: Eugene Teo, Casey Dahlin, linux-kernel@vger.kernel.org,
	DL-MegaRAID Linux, James E.J. Bottomley, Andrew Morton,
	Yang Hongyang, Anand Gadiyar, Jiri Kosina,
	linux-scsi@vger.kernel.org

On Thu, 2009-12-03 at 08:01 -0700, Yang, Bo wrote:
> How do you turn on poll_mode_io?

Write to the file as root?

Bryn.
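
A check for the condition this thread's patch fixes, added here as an example (it is not part of the thread or the kernel tree): a shell function that lists regular files under a driver sysfs tree with the other-write bit set, as poll_mode_io had with S_IWUGO. The function name and the constructed demo tree are assumptions; `stat -c` is the GNU coreutils form.

```shell
#!/bin/sh
# Added example: find sysfs-style attribute files that any user can write.
# S_IWUGO sets owner, group and other write; the "other" bit (0002) is what
# makes an attribute world-writable.

# audit_world_writable [ROOT]
# Prints "<octal mode> <path>" per hit. Returns 0 if clean, 1 if any hit.
audit_world_writable() {
    root=${1:-/sys/bus/pci/drivers}
    # -perm -0002 matches files with at least the other-write bit set.
    hits=$(find "$root" -type f -perm -0002 \
               -exec stat -c '%a %n' {} + 2>/dev/null | sort -k2)
    [ -z "$hits" ] && return 0
    printf '%s\n' "$hits"
    return 1
}

# Demo on a constructed tree (not real sysfs): one attribute with the
# pre-patch mode 0666 and one with the post-patch style mode 0644.
demo=$(mktemp -d)
mkdir -p "$demo/megaraid_sas"
: > "$demo/megaraid_sas/poll_mode_io"
: > "$demo/megaraid_sas/example_attr"      # hypothetical second attribute
chmod 0666 "$demo/megaraid_sas/poll_mode_io"
chmod 0644 "$demo/megaraid_sas/example_attr"

audit_world_writable "$demo" || echo "world-writable attributes found"
rm -rf "$demo"
```

On a live system, run `audit_world_writable` with no argument to scan /sys/bus/pci/drivers, or pass /sys to cover every attribute.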


