On Thu, Apr 26, 2001 at 03:17:54PM -0400, Alexander Viro wrote:
> On Thu, 26 Apr 2001, I wrote:
> > On Thu, 26 Apr 2001, Linus Torvalds wrote:
> > > I see the race, but I don't see how you can actually trigger it.
> > >
> > > Exactly _who_ does the "read from device" part? Somebody doing a
> > > "fsck" while the filesystem is mounted read-write and actively written
> > > to? Yeah, you'd get disk corruption that way, but you'll get it regardless
> > > of this bug.
> OK, I think I've a better explanation now:
> Suppose /dev/hda1 is owned by root.disks and permissions are 640.
> It is mounted read-write.
> Process foo belongs to pfy.staff. PFY is included into disks, but doesn't
> have root. I claim that he should be unable to cause fs corruption on
> Currently foo _can_ cause such corruption, even though it has nothing
> resembling write permissions for device in question.
> IMO it is wrong. I'm not saying that it's a real security problem. I'm
> not saying that PFY is not idiot or that his actions make any sense.
> However, I think that situation when he can do that without write
> access to device is just plain wrong.
> Does the above make sense?
Sure. And as said `dump` has the same issues.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to firstname.lastname@example.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Apr 30 2001 - 21:00:16 EST