Re: XATTR structure for biosfs entries



Hi Ulrich,

> |> Ah, yes, this one doesn't sound bad :-) but just at this moment a more
> |> general problem comes to my mind: If the device driver has full access
> |> to its XATTR field, it can also change its own uid/gid or so. This won't
> |> matter for the built-in ones, but someone _could_ write a driver which
> |> can self-change its uid to superuser... Looks a bit like a security hole :-(
> |>
>
> Well, if you can put your own device driver into the system folder, then
> THAT is a security hole, as a device driver can (in principle) do anything
> it wants, even change the uid of the current process, and it does not need
> access to its own file uid/gid field. I think this is definitely not a
> security hole.

Well you mustn't put an XDD driver into the system folder, you can also
start it up using "normal" dcntl's and come to the same problem... :-(

The longer I think about this, the more my head begins to hurt...

So, to make it really secure, it looks like Dcntl's on the biosfs should
be limited to superuser processes.

bye,
TeSche
-- 
PS: If the above written looks weird, then that's because it probably IS.
WhoDunnIt: Torsten Scherer (Schiller, TeSche...)
Technical Faculty, University of Bielefeld, Germany (52'5"N 8'35"E)
EMail: itschere@techfak.uni-bielefeld.de / tesche@dave.hrz.uni-bielefeld.de