[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: XATTR structure for biosfs entries

Hi Torsten,

|> > I think the best way to do it would be a new Dcntl on /dev which allows
|> > the device driver to query the address of its supporting structure in
|> > the kernel memory...
|> Ah, yes, this one doesn't sound bad :-) but just at this moment a more
|> general problems comes to my mind: If the device driver has full access
|> to its XATTR field, it can also change its own uid/gid or so. This won't
|> matter for the built-in ones, but someone _could_ write a driver which
|> can self-change its uid to superuser... Looks a bit like a security hole :-(

Well, if you can put your own device driver into the system folder, then
THAT is a security hole, as a device driver can (in priciple) do anything
it wants, even change the uid of the current process, and it does not need
access to its own file uid/gid field. I think this is definitly not a
security hole.


| Ulrich Kuehn  | Internet:                  | Life is uncertain --  |
| Cand.Math.Inf | kuehn@math.uni-muenster.de | eat the dessert first |