From: Sarah Newman <srn@prgmr.com>
To: Tilman Schmidt <tilman@imap.cc>, Karel Zak <kzak@redhat.com>
Cc: "Wayne R. Roth" <wayneroth42@gmail.com>, util-linux@vger.kernel.org
Subject: Re: [PATCH] mkswap: Add warnings for insecure device permissions/owners
Date: Fri, 22 Jan 2016 11:14:26 -0800 [thread overview]
Message-ID: <56A27F92.6020309@prgmr.com> (raw)
In-Reply-To: <56A25241.8050000@imap.cc>
On 01/22/2016 08:01 AM, Tilman Schmidt wrote:
> Am 21.01.2016 um 23:19 schrieb Sarah Newman:
>> This patch does not break any existing behavior. The worst case possibility from accepting this patch is it will annoy some people, and best case it
>> will save millions of devices from being shipped with insecure permissions.
>
> The worst case is it will train millions of administrators to ignore
> warning messages.
>
If the warnings in swapon are legitimate, they are just as legitimate in mkswap if the file owner check is only done when mkswap is run as root.
Regarding the legitimacy of the swapon warnings: do you honestly believe most of the people who will get these warnings will have intended to have
world readable swap or swap owned as a non-root owner?
When I search for "linux swap file" on google this is the second hit for me, the first being an arch linux wiki page:
https://www.linux.com/news/software/applications/8208-all-about-linux-swap-space "centos swap file" top two hits
https://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-swap-creating-file.html
https://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-swap-adding.html
I followed the instructions for CentOS on a CentOS 5 machine and it resulted in world readable swap. Those instructions came from Red Hat. If
documentation from Red Hat gets it wrong, it's presumably a very common error. I made this mistake myself and I knew better.
--Sarah
next prev parent reply other threads:[~2016-01-22 19:14 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-19 18:37 [PATCH] mkswap: Add warnings for insecure device permissions/owners Wayne R. Roth
2016-01-19 19:44 ` Mike Frysinger
2016-01-20 4:17 ` [PATCH] mkswap: Add warnings for insecure device permissions/owners Logic modified from sys-utils/swapon.c Wayne R. Roth
2016-01-20 4:58 ` Mike Frysinger
2016-01-20 6:09 ` [PATCH] mkswap: add " Wayne R. Roth
2016-01-26 10:35 ` Karel Zak
2016-01-20 9:39 ` [PATCH] mkswap: Add warnings for insecure device permissions/owners Sami Kerola
2016-01-20 10:30 ` Karel Zak
2016-01-21 22:19 ` Sarah Newman
2016-01-22 16:01 ` Tilman Schmidt
2016-01-22 19:14 ` Sarah Newman [this message]
2016-01-22 22:03 ` Sami Kerola
2016-01-23 16:22 ` Karel Zak
2016-01-24 11:09 ` Sami Kerola
2016-01-25 19:55 ` Sami Kerola
2016-01-26 10:42 ` Karel Zak
2016-01-26 16:28 ` Sarah Newman
2016-01-25 21:39 ` Sarah Newman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56A27F92.6020309@prgmr.com \
--to=srn@prgmr.com \
--cc=kzak@redhat.com \
--cc=tilman@imap.cc \
--cc=util-linux@vger.kernel.org \
--cc=wayneroth42@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox