linux-scsi.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Vasiliy Kulikov <segoon@openwall.com>
To: linux-kernel@vger.kernel.org
Cc: Mike Christie <michaelc@cs.wisc.edu>,
	Srinidhi Kasagar <srinidhi.kasagar@stericsson.com>,
	Tony Lindgren <tony@atomide.com>,
	platform-driver-x86@vger.kernel.org,
	socketcan-core@lists.berlios.de,
	Corentin Chary <corentincj@iksaif.net>,
	"James E.J. Bottomley" <James.Bottomley@suse.de>,
	Julia Lawall <julia@diku.dk>,
	Russell King <linux@arm.linux.org.uk>,
	Samuel Ortiz <sameo@linux.intel.com>,
	linux-scsi@vger.kernel.org,
	Karol Kozimor <sziwan@users.sourceforge.net>,
	Kevin Hilman <khilman@deeprootsystems.com>,
	Luca Risolia <luca.risolia@studio.unibo.it>,
	open-iscsi@googlegroups.com,
	Wolfgang Grandegger <wg@grandegger.com>,
	Matthew Garrett <mjg@redhat.com>,
	acpi4asus-user@lists.sourceforge.net, rtc-linux@googlegroups.com,
	Carlos Corbacho <carlos@strangeworlds.co.uk>,
	Mauro Carvalho Chehab <mchehab@infradead.org>,
	linux-omap@vger.kernel.org, linux-arm-kernel@lists.infradead.org
Subject: [PATCH 00/20] world-writable files in sysfs and debugfs
Date: Fri, 4 Feb 2011 15:22:29 +0300	[thread overview]
Message-ID: <cover.1296818921.git.segoon@openwall.com> (raw)

The search was made with trivial shell commands:

find | xargs grep S_IWUGO
find | xargs grep S_IWOTH

I didn't precisely investigate how exactly one may damage the
system/hardware because of issues number, maybe the harm is very limited
in case of some of these drivers.

One suspicious file is ./staging/speakup/speakup.h, but it explitly calls
macros as world-writable.  I didn't check what speakup's world-writable
files provide because it requires some knowledge about the hardware.


Vasiliy Kulikov (20):
  mach-omap2: mux: world-writable debugfs files
  mach-omap2: pm: world-writable debugfs timer files
  mach-omap2: smartreflex: world-writable debugfs voltage files
  mach-ux500: mbox-db5500: world-writable sysfs fifo file
  leds: lp5521: world-writable sysfs engine* files
  leds: lp5523: world-writable engine* sysfs files
  video: sn9c102: world-wirtable sysfs files
  mfd: ab3100: world-writable debugfs *_priv files
  mfd: ab3500: world-writable debugfs register-* files
  mfd: ab8500: world-writable debugfs register-* files
  misc: ep93xx_pwm: world-writable sysfs files
  net: can: at91_can: world-writable sysfs files
  net: can: janz-ican3: world-writable sysfs termination file
  platform: x86: acer-wmi: world-writable sysfs threeg file
  platform: x86: asus_acpi: world-writable procfs files
  platform: x86: tc1100-wmi: world-writable sysfs wireless and jogdial files
  rtc: rtc-ds1511: world-writable sysfs nvram file
  scsi: aic94xx: world-writable sysfs update_bios file
  scsi: iscsi: world-writable sysfs priv_sess file
  fs: ubifs: world-writable debugfs dump_* files

 arch/arm/mach-omap2/mux.c                  |    2 +-
 arch/arm/mach-omap2/pm-debug.c             |    8 ++++----
 arch/arm/mach-omap2/smartreflex.c          |    4 ++--
 arch/arm/mach-ux500/mbox-db5500.c          |    2 +-
 drivers/leds/leds-lp5521.c                 |   14 +++++++-------
 drivers/leds/leds-lp5523.c                 |   20 ++++++++++----------
 drivers/media/video/sn9c102/sn9c102_core.c |    6 +++---
 drivers/mfd/ab3100-core.c                  |    4 ++--
 drivers/mfd/ab3550-core.c                  |    6 +++---
 drivers/mfd/ab8500-debugfs.c               |    6 +++---
 drivers/misc/ep93xx_pwm.c                  |    6 +++---
 drivers/net/can/at91_can.c                 |    2 +-
 drivers/net/can/janz-ican3.c               |    2 +-
 drivers/platform/x86/acer-wmi.c            |    2 +-
 drivers/platform/x86/asus_acpi.c           |    8 +-------
 drivers/platform/x86/tc1100-wmi.c          |    2 +-
 drivers/rtc/rtc-ds1511.c                   |    2 +-
 drivers/scsi/aic94xx/aic94xx_init.c        |    2 +-
 drivers/scsi/scsi_transport_iscsi.c        |    2 +-
 fs/ubifs/debug.c                           |    6 +++---
 20 files changed, 50 insertions(+), 56 deletions(-)

--
Vasiliy Kulikov
http://www.openwall.com - bringing security into open computing environments

             reply	other threads:[~2011-02-04 12:22 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-02-04 12:22 Vasiliy Kulikov [this message]
2011-02-04 12:24 ` [PATCH 18/20] scsi: aic94xx: world-writable sysfs update_bios file Vasiliy Kulikov
2011-02-04 12:24 ` [PATCH 19/20] scsi: iscsi: world-writable sysfs priv_sess file Vasiliy Kulikov
     [not found]   ` <1ca8a99eaadde79e662573d89e4f17a20457fba0.1296818921.git.segoon-cxoSlKxDwOJWk0Htik3J/w@public.gmane.org>
2011-03-13  8:28     ` Mike Christie
2011-02-04 13:11 ` [rtc-linux] [PATCH 00/20] world-writable files in sysfs and debugfs Linus Walleij
2011-03-12 20:23 ` Vasiliy Kulikov
     [not found] ` <AANLkTikE-A=Fe-yRrN0opWwJGQ0f4uOzkyB3XCcEUrFE@mail.gmail.com>
2011-03-14 22:18   ` [Security] " Andrew Morton
2011-03-15  2:26   ` James Bottomley
2011-03-15  3:09     ` [Security] " Greg KH
2011-03-15 11:50       ` James Bottomley
2011-03-15 14:18         ` Greg KH
2011-03-15 14:25           ` James Bottomley
2011-03-15 16:08         ` Vasiliy Kulikov
2011-03-15 16:32           ` James Bottomley
  -- strict thread matches above, loose matches on Subject: below --
2011-02-04 14:00 Vasiliy Kulikov
2011-02-07 19:38 ` Matthew Garrett

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1296818921.git.segoon@openwall.com \
    --to=segoon@openwall.com \
    --cc=James.Bottomley@suse.de \
    --cc=acpi4asus-user@lists.sourceforge.net \
    --cc=carlos@strangeworlds.co.uk \
    --cc=corentincj@iksaif.net \
    --cc=julia@diku.dk \
    --cc=khilman@deeprootsystems.com \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-omap@vger.kernel.org \
    --cc=linux-scsi@vger.kernel.org \
    --cc=linux@arm.linux.org.uk \
    --cc=luca.risolia@studio.unibo.it \
    --cc=mchehab@infradead.org \
    --cc=michaelc@cs.wisc.edu \
    --cc=mjg@redhat.com \
    --cc=open-iscsi@googlegroups.com \
    --cc=platform-driver-x86@vger.kernel.org \
    --cc=rtc-linux@googlegroups.com \
    --cc=sameo@linux.intel.com \
    --cc=socketcan-core@lists.berlios.de \
    --cc=srinidhi.kasagar@stericsson.com \
    --cc=sziwan@users.sourceforge.net \
    --cc=tony@atomide.com \
    --cc=wg@grandegger.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).