summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKees Cook <kees.cook@canonical.com>2010-04-22 12:19:17 -0700
committerGreg Kroah-Hartman <gregkh@suse.de>2010-05-26 14:32:11 -0700
commit4e0a098e423ee1067c2b6d0cf864002a6e701e95 (patch)
treece7f038605e7e41f574b5c44ad7fea4d4992e64e
parent5e54866e4de87f3eedcadd96fe12cf1544f374b5 (diff)
downloadlinux-stable-4e0a098e423ee1067c2b6d0cf864002a6e701e95.tar.gz
linux-stable-4e0a098e423ee1067c2b6d0cf864002a6e701e95.tar.bz2
linux-stable-4e0a098e423ee1067c2b6d0cf864002a6e701e95.zip
mmap_min_addr check CAP_SYS_RAWIO only for write
commit 4ae69e6b718589abe97c9625ccbb1e0bc95a8c0e upstream. Redirecting directly to lsm, here's the patch discussed on lkml: http://lkml.org/lkml/2010/4/22/219 The mmap_min_addr value is useful information for an admin to see without being root ("is my system vulnerable to kernel NULL pointer attacks?") and its setting is trivially easy for an attacker to determine by calling mmap() in PAGE_SIZE increments starting at 0, so trying to keep it private has no value. Only require CAP_SYS_RAWIO if changing the value, not reading it. Comment from Serge : Me, I like to write my passwords with light blue pen on dark blue paper, pasted on my window - if you're going to get my password, you're gonna get a headache. Signed-off-by: Kees Cook <kees.cook@canonical.com> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org> (cherry picked from commit 822cceec7248013821d655545ea45d1c6a9d15b3) Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
-rw-r--r--security/min_addr.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/min_addr.c b/security/min_addr.c
index e86f297522bf..f728728f193b 100644
--- a/security/min_addr.c
+++ b/security/min_addr.c
@@ -33,7 +33,7 @@ int mmap_min_addr_handler(struct ctl_table *table, int write,
{
int ret;
- if (!capable(CAP_SYS_RAWIO))
+ if (write && !capable(CAP_SYS_RAWIO))
return -EPERM;
ret = proc_doulongvec_minmax(table, write, buffer, lenp, ppos);