Re: [PATCH 2/2] Revert "pstore: Honor dmesg_restrict sysctl on dmesg dumps"

From: Steven Rostedt
Date: Tue Aug 15 2017 - 20:35:29 EST


On Tue, 15 Aug 2017 17:29:38 -0700
Kees Cook <keescook@xxxxxxxxxxxx> wrote:

> On Tue, Aug 15, 2017 at 5:21 PM, Steven Rostedt <rostedt@xxxxxxxxxxx> wrote:
> > On Thu, 10 Aug 2017 13:36:35 -0700
> > Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> >
> >> This reverts commit 68c4a4f8abc60c9440ede9cd123d48b78325f7a3, with
> >> various conflict clean-ups.
> >>
> >> With the default root directory mode set to 0750 now, the capability
> >> check was redundant.
> >
> > What's wrong with redundancy?
>
> In this case, it actually _blocks_ system builders from being able to
> define the access controls on pstore. :(

Then that should be stated in the change log, as it is the real reason
to revert, not just the fact that it is redundant.

Thanks,

-- Steve