Bug#681418: #681418 debugfs is a big security hole

To: Steve Cotton <steve@s.cotton.clara.co.uk>
Cc: 681418@bugs.debian.org
Subject: Bug#681418: #681418 debugfs is a big security hole
From: Timo Juhani Lindfors <timo.lindfors@iki.fi>
Date: Tue, 30 Jul 2013 15:37:52 +0300
Message-id: <[🔎] 84d2q0ql3z.fsf@sauna.l.org>
Reply-to: Timo Juhani Lindfors <timo.lindfors@iki.fi>, 681418@bugs.debian.org
In-reply-to: <[🔎] 20130730122411.GA20501@s.cotton.clara.co.uk> (Steve Cotton's message of "Tue, 30 Jul 2013 13:24:12 +0100")
References: <841u9lzt8b.fsf@sauna.l.org> <84sj21ye1v.fsf@sauna.l.org> <[🔎] 20130730122411.GA20501@s.cotton.clara.co.uk>

Steve Cotton <steve@s.cotton.clara.co.uk> writes:
> For me the mount point changes permission when mounted, and from the hard link count I guess you have it unmounted.
>
> tsunami:~# umount /sys/kernel/debug/
> tsunami:~# ls -ld /sys/kernel/debug/
> drwxr-xr-x 2 root root 0 Jul 30 13:08 /sys/kernel/debug/
> tsunami:~# mount -t debugfs none /sys/kernel/debug
> tsunami:~# ls -ld /sys/kernel/debug/
> drwx------ 16 root root 0 Jul 29 08:52 /sys/kernel/debug/
>
> I'm using a local build of 3.10.2.

That might indeed be true. I can't reproduce the bug with

linux-image-3.10-1-amd64   3.10.3-1

today.

Reply to:

References:
- Bug#681418: #681418 debugfs is a big security hole
  - From: Steve Cotton <steve@s.cotton.clara.co.uk>

Prev by Date: Bug#681418: #681418 debugfs is a big security hole
Next by Date: Bug#717174: corrupted kernel log file output
Previous by thread: Bug#681418: #681418 debugfs is a big security hole
Next by thread: Bug#717174: corrupted kernel log file output
Index(es):
- Date
- Thread