Re: [PATCH] [SCSI] megaraid_sas: remove sysfs dbg_lvl world writeablepermissions

From: Eugene Teo
Date: Wed Dec 02 2009 - 19:09:02 EST

Next message: Robert Hancock: "Re: root hub lost power or was reset"
Previous message: Eric W. Biederman: "Re: [PATCH 2/2] vfs: force reval on dentry of bind mounted files on FS_REVAL_DOT filesystems"
In reply to: Casey Dahlin: "[PATCH] [SCSI] megaraid_sas: remove sysfs dbg_lvl world writeablepermissions"
Next in thread: Yang, Bo: "RE: [PATCH] [SCSI] megaraid_sas: remove sysfs dbg_lvl worldwriteable permissions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 12/02/2009 11:17 PM, Casey Dahlin wrote:

From: Bryn M. Reeves<bmr@xxxxxxxxxx>

/sys/bus/pci/drivers/megaraid_sas/poll_mode_io defaults to being
world-writable, which seems bad (letting any user affect kernel driver
behavior).

This turns off group and user write permissions, so that on typical
production systems only root can write to it.

Signed-off-by: Bryn M. Reeves<bmr@xxxxxxxxxx>
Signed-off-by: Casey Dahlin<cdahlin@xxxxxxxxxx>

CC: Eugene Teo <eteo@xxxxxxxxxx>

The subject should read: megaraid_sas: remove poll_mode_io world writeable permissions instead, and this has been assigned with CVE-2009-3939.

Thanks, Eugene
--
Eugene Teo / Red Hat Security Response Team
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Robert Hancock: "Re: root hub lost power or was reset"
Previous message: Eric W. Biederman: "Re: [PATCH 2/2] vfs: force reval on dentry of bind mounted files on FS_REVAL_DOT filesystems"
In reply to: Casey Dahlin: "[PATCH] [SCSI] megaraid_sas: remove sysfs dbg_lvl world writeablepermissions"
Next in thread: Yang, Bo: "RE: [PATCH] [SCSI] megaraid_sas: remove sysfs dbg_lvl worldwriteable permissions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]