On Mon, Dec 05, 2011 at 05:26:02PM +0100, Marcus Meissner wrote:
On Mon, Dec 05, 2011 at 08:22:01AM -0800, Greg KH wrote:
On Mon, Dec 05, 2011 at 05:11:58PM +0100, Marcus Meissner wrote:
Hi,
is it necessary that "debugfs" is mounted by default?
perf needs/wants it, as does other things that we need for suportability (usb device list, etc.)
It exposes too much of the kernel readable (and so potentially exploitable) to the non-root user.
What is exploitable in debugfs, and "too readable"?
I do not know if anything is exploitable. This is also more a look into the future.
Too readable as in "exposing too much information normal users do not need".
Again, what is exploitable today, it will be fixed.
Seeing that even interrupt numbers / timings are used to guess passwords nearly any information can be a side channel of sensitive information.
I understand your feeling that we are exposing "too much", but without a specific example of what is wrong here, I'm not going to want to see anything changed.
So: Does "perf" need to run as user, or can it just be run as "root"?
It can run as user, and it provides very good statistics as a user, you should try it sometime :)
Could we restrict the mount permissions of debugfs to only be root readable?
No, a patch to do so was rejected upstream for the reasons I cite above. thanks, greg k-h -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org