On Sun, 30 Jun 2002, Petr Vandrovec wrote:
> On Sun, Jun 30, 2002 at 06:52:58PM +0200, Bartlomiej Zolnierkiewicz wrote:
> >
> > I hope you don't mind, Petr.
>
> No problem.
>
> But I have one, unrelated... Today I found that VMware does not run
> on 2.5.24 with rawdisks for non-root users because of ioctl(hdd, HDIO_GETGEO, ...)
> is guarded by "if (!capable(CAP_SYS_ADMIN)) return -EACCES;". And so it
> fails although user has read-write access to /dev/hdX.
>
> Is this change really intentional? It is GET, not SET operation, and user has

It changed in IDE-60, comment in ioctl.c says that:
/* Contrary to popular beleve we disallow even the reading of the ioctl
* values for users which don't have permission too. We do this becouse
* such information could be used by an attacker to deply a simple-user
* attack, which triggers bugs present only on a particular
* configuration.
*/
But I don't think HDIO_GET_* can disclose any meaningful information
to attacker and attacker doesn't have direct access to hardware,
and if he has we have more serious problems to worry about.
[ There is more risk that application programmers will screw
privileged access, than attacker will get useful info :-) ]

So ata_ioctl() in ioctl.c needs trivial fix, untested one attached :).
It removes checks for CAP_SYS_ADMIN from HDIO_GET_* ioctls and adds
missing one to BLKRRPART ioctl (re-read partition table).

> access to /dev/hdX. If this change is intentional, I'll recommend VMware
> to gain privileges around disk geometry accesses, but I do not think that
> user should need SYS_ADMIN for retrieving disk geometry.
> Thanks,
> Petr Vandrovec
> vandrove@vc.cvut.cz
Greets.
-- Bartlomiej
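
The failure described in this thread (the device node opens, but the HDIO_GETGEO ioctl is refused) can be told apart from an ordinary file-permission failure with a small userspace probe. This is an added example, not part of the thread or of the attached patch; `probe_geometry` and the `geo_result` names are hypothetical, and `/dev/null` is only a harmless default target.

```c
/* Added example: classify why reading disk geometry fails for this user. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/ioctl.h>
#include <linux/hdreg.h>   /* HDIO_GETGEO, struct hd_geometry */

enum geo_result {          /* hypothetical names, for illustration */
    GEO_OK,                /* geometry returned */
    GEO_OPEN_FAILED,       /* file permissions or a missing node stopped us */
    GEO_IOCTL_DENIED,      /* open worked, ioctl refused with EACCES/EPERM */
    GEO_UNSUPPORTED        /* any other ioctl error, e.g. ENOTTY */
};

enum geo_result probe_geometry(const char *path, struct hd_geometry *geo, int *err)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0) {
        *err = errno;
        return GEO_OPEN_FAILED;
    }
    memset(geo, 0, sizeof(*geo));
    int rc = ioctl(fd, HDIO_GETGEO, geo);
    *err = (rc < 0) ? errno : 0;   /* save errno before close() can change it */
    close(fd);
    if (rc == 0)
        return GEO_OK;
    /* The case from the thread: node access is fine, a capability check is not. */
    if (*err == EACCES || *err == EPERM)
        return GEO_IOCTL_DENIED;
    return GEO_UNSUPPORTED;
}

int main(int argc, char **argv)
{
    static const char *names[] = { "ok", "open failed", "ioctl denied", "unsupported" };
    const char *path = argc > 1 ? argv[1] : "/dev/null";
    struct hd_geometry geo;
    int err = 0;
    enum geo_result r = probe_geometry(path, &geo, &err);
    printf("%s: %s (errno=%d %s)\n", path, names[r], err, err ? strerror(err) : "-");
    if (r == GEO_OK)
        printf("heads=%u sectors=%u cylinders=%u start=%lu\n",
               geo.heads, geo.sectors, geo.cylinders, geo.start);
    return r == GEO_OK ? 0 : 1;
}
```

Run as an unprivileged user against a disk node that user can open, an "ioctl denied" result points at a capability check in the driver rather than at the permissions on the device file.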