[RFC] [PATCH] [SECURITY] tightening ioctl()'s

Chris Evans (chris@ferret.lmh.ox.ac.uk)
Fri, 2 Jul 1999 00:45:43 +0100 (GMT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alexander Viro: "Re: [security]: kernel ioctl()'s [3]"
Previous message: Andrea Arcangeli: "hashtables allocated with __get_free_pages()"

Hi,

Here are patches to make use of two ioctl()'s privileged. I outlined the
dangers in previous mails. Comments?

Chris

Patch 1) - APPLIES TO fs/ioctl.c

20a21,22
> if (!capable(CAP_SYS_ADMIN))
> return -EPERM;

Patch 2) - APPLIES TO fs/ext2/ioctl.c

74c74
< if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER))

--- > if (!capable(CAP_SYS_ADMIN))

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Alexander Viro: "Re: [security]: kernel ioctl()'s [3]"
Previous message: Andrea Arcangeli: "hashtables allocated with __get_free_pages()"