Re: [PATCH v2] devtmpfs: mount with noexec and nosuid
From: Kees Cook
Date: Tue Nov 20 2012 - 19:18:23 EST
On Tue, Nov 20, 2012 at 4:13 PM, Kay Sievers <kay@xxxxxxxx> wrote:
> On Tue, Nov 20, 2012 at 9:42 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>> Since devtmpfs is writable, make the default noexec,nosuid as well. This
>> protects from the case of a privileged process having an arbitrary file
>> write flaw and an argumentless arbitrary execution (i.e. it would lack
>> the ability to run "mount -o remount,exec,suid /dev").
>
> This only really applies to systems without an initramfs when the
> kernel mounts /dev over the rootfs it has mounted; with an initramfs,
> /dev is always mounted by user code.
>
> Just checking, that is the use case you are doing that for?
Correct. We're using this in Chrome OS, which does not use an initramfs.
-Kees
--
Kees Cook
Chrome OS Security
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/