[security]: kernel ioctl()'s [2]

Chris Evans (chris@ferret.lmh.ox.ac.uk)
Thu, 1 Jul 1999 20:44:49 +0100 (GMT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Pavel Machek: "altalloc patch (you know, faster fsck) for 2.3.8"
Previous message: Chris Evans: "[security]: kernel ioctl()'s"

Hi,

Same area...

ext2 has the ioctl() EXT2_IOC_SETVERSION.

This allows _any_ user to set an inode's "version".

Unfortunately, in the case of ext2 directories, inode->i_version seems to
be used for consistency checks if operations sleep. Hence, allowing users
arbitrary write access to this value could be used for mischief.

I would suggest that setting of this inode attribute should be limited to
privileged users.

More detailed analysis of what could be done with this is welcome.

Cheers
Chris

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Pavel Machek: "altalloc patch (you know, faster fsck) for 2.3.8"
Previous message: Chris Evans: "[security]: kernel ioctl()'s"