github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-15 18:42:46 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
c71b02e4d2
linux/include
History
Kees Cook c71b02e4d2 Revert "pstore: Honor dmesg_restrict sysctl on dmesg dumps" 
This reverts commit 68c4a4f8ab, with
various conflict clean-ups.

The capability check required too much privilege compared to simple DAC
controls. A system builder was forced to have crash handler processes
run with CAP_SYSLOG which would give it the ability to read (and wipe)
the _current_ dmesg, which is much more access than being given access
only to the historical log stored in pstorefs.

With the prior commit to make the root directory 0750, the files are
protected by default but a system builder can now opt to give access
to a specific group (via chgrp on the pstorefs root directory) without
being forced to also give away CAP_SYSLOG.

Suggested-by: Nick Kralevich <nnk@google.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Petr Mladek <pmladek@suse.cz>
Reviewed-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
2017-08-17 16:29:19 -07:00
..
acpi More ACPI updates for v4.13-rc1 2017-07-10 15:19:40 -07:00
asm-generic Merge branch 'work.uaccess-unaligned' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-15 11:17:52 -07:00
clocksource
crypto
drm i915, amd and some core fixes + mediatek color support 2017-07-13 11:26:18 -07:00
dt-bindings Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus 2017-07-15 10:59:54 -07:00
keys
kvm
linux Revert "pstore: Honor dmesg_restrict sysctl on dmesg dumps" 2017-08-17 16:29:19 -07:00
math-emu
media main drm pull for v4.13 2017-07-09 18:48:37 -07:00
memory
misc cxl: Export library to support IBM XSL 2017-07-03 23:07:03 +10:00
net Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-07-20 16:33:39 -07:00
pcmcia
ras
rdma IB/cma: Fix reference count leak when no ipv4 addresses are set 2017-07-20 11:24:13 -04:00
rxrpc
scsi Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2017-07-13 14:27:32 -07:00
soc Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2017-07-05 12:31:59 -07:00
sound ASoC: Updates for v4.13 2017-07-03 19:51:42 +02:00
target iscsi-target: Add login_keys_workaround attribute for non RFC initiators 2017-07-11 10:56:39 -07:00
trace mm, tree wide: replace __GFP_REPEAT by __GFP_RETRY_MAYFAIL with more useful semantic 2017-07-12 16:26:03 -07:00
uapi TTY/Serial fixes for 4.13-rc2 2017-07-22 09:00:24 -07:00
video
xen xen/balloon: don't online new memory initially 2017-07-23 08:13:18 +02:00