[opensuse-factory] Re: [opensuse-kernel] debugfs mounted by default - necessary?
- From: Greg KH <gregkh@xxxxxxx>
- Date: Mon, 5 Dec 2011 08:40:41 -0800
- Message-id: <20111205164041.GA24683@suse.de>
On Mon, Dec 05, 2011 at 05:26:02PM +0100, Marcus Meissner wrote:
> On Mon, Dec 05, 2011 at 08:22:01AM -0800, Greg KH wrote:
> > On Mon, Dec 05, 2011 at 05:11:58PM +0100, Marcus Meissner wrote:
> > > Hi,
> > >
> > > is it necessary that "debugfs" is mounted by default?
> >
> > perf needs/wants it, as does other things that we need for supportability
> > (usb device list, etc.)
> >
> > > It exposes too much of the kernel readable (and so potentially
> > > exploitable) to the non-root user.
> >
> > What is exploitable in debugfs, and "too readable"?
>
> I do not know if anything is exploitable. This is also more a look into
> the future.
>
> Too readable as in "exposing too much information normal users do not need".

Again, what is exploitable today, it will be fixed.

> Seeing that even interrupt numbers / timings are used to guess passwords
> nearly any information can be a side channel of sensitive information.

I understand your feeling that we are exposing "too much", but without a
specific example of what is wrong here, I'm not going to want to see
anything changed.

> So:
> Does "perf" need to run as user, or can it just be run as "root"?

It can run as user, and it provides very good statistics as a user, you
should try it sometime :)

> Could we restrict the mount permissions of debugfs to only be root readable?

No, a patch to do so was rejected upstream for the reasons I cite above.

thanks,
greg k-h
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx
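
To see on a given system what the thread is arguing about, the following added example (not part of the original mails) finds debugfs mounts in `/proc/mounts`-format text and reports whether the mount point's directory mode gives non-root users any access. The function names and the sample mount table are constructed for illustration; `stat -c` assumes GNU coreutils.

```shell
#!/bin/sh
# Added example: audit whether debugfs is mounted and reachable by non-root users.

# Constructed sample in /proc/mounts format:
# device mountpoint fstype options dump pass
SAMPLE_MOUNTS='sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
debugfs /sys/kernel/debug debugfs rw,relatime 0 0
tmpfs /run tmpfs rw,nosuid,nodev,mode=755 0 0'

# Read mount-table text on stdin, print the mount point of every debugfs entry.
# Matching on the fstype column avoids false hits on paths that merely contain "debug".
debugfs_mounts() {
    awk '$3 == "debugfs" { print $2 }'
}

# Succeed if an octal mode string (e.g. 755 or 0700) grants any access to "other".
# The last octal digit holds the r/w/x bits for users outside owner and group.
mode_allows_other() {
    case "$1" in
        *[1-7]) return 0 ;;
        *)      return 1 ;;
    esac
}

# Audit a mount table (default: the live /proc/mounts) and stat each debugfs mount.
# Only the top-level directory is checked; files inside debugfs carry their own modes.
audit_debugfs() {
    mounts=$(debugfs_mounts < "${1:-/proc/mounts}")
    [ -n "$mounts" ] || { echo "debugfs: not mounted"; return 0; }
    for mp in $mounts; do
        mode=$(stat -c '%a' "$mp" 2>/dev/null) || { echo "debugfs at $mp: cannot stat"; continue; }
        if mode_allows_other "$mode"; then
            echo "debugfs at $mp (mode $mode): reachable by non-root users"
        else
            echo "debugfs at $mp (mode $mode): restricted to owner/group"
        fi
    done
}

# Demonstration on the constructed sample; run audit_debugfs for the live system.
printf '%s\n' "$SAMPLE_MOUNTS" | debugfs_mounts
```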