Re: [vendor-sec] Re: [BUG/PATCH/RFC] Oops while completing async USB via usbdevio

From: Linus Torvalds
Date: Tue Oct 11 2005 - 18:46:46 EST




On Tue, 11 Oct 2005, Greg KH wrote:
>
> Ugh, but it looks like Linus already committed your previous patch, with
> some changes by him. Care to send a delta from what is currently in his
> tree (2.6.14-rc4 has it) and this patch?

I _think_ I fixed the disconnect thing too, although I think Harald's
naming for the disconnect structure was cleaner, so I wouldn't mind having
a (tested) patch on top of mine..

To some degree it would actually be nice to totally abstract that
"pid+uid+euid" thing out as a structure of its own, and have the signal
handling code fill it up (helper inline function in <linux/sched.h> or
something), and have the users just use what to them is a totally opaque
"signal sender token".

That would allow us to improve or change the validation of the thing
later.

But for 2.6.14, the most important thing would be to verify that the oops
cannot happen, and that you can't send signals to setuid programs by doing
an "open(usb) + fork(keep it open in the child) + exec(suid in the
parent)"

Linus
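
The "signal sender token" idea from the message above, as an added userspace model in C; it is not kernel code and not code from this thread. The names `task_ids`, `sigsender`, `sigsender_capture` and `sigsender_may_signal` are hypothetical, and the uid comparison is an assumed rule modelled on the usual kill(2) permission check.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>

/* Hypothetical stand-in for the task fields the check needs (userspace model). */
struct task_ids { pid_t pid; uid_t uid, euid, suid; };

/* The "signal sender token": drivers store it and never look inside. */
struct sigsender { pid_t pid; uid_t uid, euid; };

/* Helper that fills the token from the task submitting the async request. */
static struct sigsender sigsender_capture(const struct task_ids *cur)
{
    struct sigsender s = { cur->pid, cur->uid, cur->euid };
    return s;
}

/* Single validation point, so the rule can change without touching users.
 * target is whatever task holds the recorded pid at completion time (NULL if
 * none). Assumed rule: the kill(2)-style uid comparison. */
static bool sigsender_may_signal(const struct sigsender *s,
                                 const struct task_ids *target)
{
    if (target == NULL || target->pid != s->pid)
        return false;
    return s->euid == target->suid || s->euid == target->uid ||
           s->uid == target->suid || s->uid == target->uid;
}

/* Constructed scenarios; bit n is set when scenario n would be signalled. */
static int sigsender_demo(void)
{
    struct task_ids opener  = { 4242, 1000, 1000, 1000 };
    struct task_ids changed = { 4242, 0, 0, 0 };   /* same pid, different ids */
    struct sigsender tok = sigsender_capture(&opener);
    int allowed = 0;

    allowed |= sigsender_may_signal(&tok, &opener)  << 0; /* unchanged task */
    allowed |= sigsender_may_signal(&tok, &changed) << 1; /* ids no longer match */
    allowed |= sigsender_may_signal(&tok, NULL)     << 2; /* task has exited */
    return allowed;
}

int main(void)
{
    printf("allowed mask: %d\n", sigsender_demo());
    return 0;
}
```

Because callers only ever hold a `struct sigsender` and call the one check function, the comparison inside `sigsender_may_signal` can be replaced without changing any code that stores or passes the token.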