Bug#655175: initramfs-tools: /run/initramfs is user-writable

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#655175: initramfs-tools: /run/initramfs is user-writable
From: Roger Leigh <rleigh@debian.org>
Date: Sun, 08 Jan 2012 23:46:10 +0000
Message-id: <[🔎] 20120108234610.7018.84953.reportbug@ravenclaw.codelibre.net>
Reply-to: Roger Leigh <rleigh@debian.org>, 655175@bugs.debian.org

Package: initramfs-tools
Version: 0.99
Severity: important

% ls -ld /run/initramfs
drwsrwsrwt 2 root root 40 Jan  8 23:42 /run/initramfs

Is there any reason for this directory to be user-writable either
before or after the handover to /sbin/init?  AFAIK all the code
run in the initramfs is as root, and no users really exist at this
point, making the need for a user to write to it moot.  After the

When the system is booted and users can log in, there is nothing
to stop a user denial of service by filling up /run through the
creation of files in /run/initramfs.  I can't think of any valid
reason to give a user write access to a filesystem only intended
to be writable by system processes.

I would suggest creating it with 0755 permissions for safety and
security.


Regards,
Roger

-- Package-specific info:
-- initramfs sizes
-- /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-3.1.0-1-amd64 root=/dev/mapper/ravenclaw-root ro

-- resume
RESUME=/dev/mapper/ravenclaw-swap
-- /proc/filesystems
	btrfs
	ext4
	fuseblk

-- lsmod
Module                  Size  Used by
tun                    18337  2 
sit                    17561  0 
tunnel4                12629  1 sit
parport_pc             22364  0 
ppdev                  12763  0 
lp                     17149  0 
parport                31858  3 parport_pc,ppdev,lp
acpi_cpufreq           12935  1 
mperf                  12453  1 acpi_cpufreq
cpufreq_powersave      12454  0 
cpufreq_stats          12866  0 
cpufreq_conservative    13147  0 
cpufreq_userspace      12576  0 
binfmt_misc            12957  1 
fuse                   61981  1 
nfsd                  259717  2 
nfs                   312135  0 
lockd                  67328  2 nfsd,nfs
fscache                36739  1 nfs
auth_rpcgss            37143  2 nfsd,nfs
nfs_acl                12511  2 nfsd,nfs
sunrpc                173516  6 nfsd,nfs,lockd,auth_rpcgss,nfs_acl
dm_snapshot            32737  5 
loop                   22597  0 
firewire_sbp2          18077  0 
kvm_intel             121792  0 
kvm                   278183  1 kvm_intel
snd_hda_codec_hdmi     26548  1 
snd_hda_codec_analog    77709  1 
snd_hda_intel          26182  0 
snd_hda_codec          72920  3 snd_hda_codec_hdmi,snd_hda_codec_analog,snd_hda_intel
snd_hwdep              13186  1 snd_hda_codec
snd_pcm_oss            41081  0 
snd_mixer_oss          17916  1 snd_pcm_oss
snd_pcm                63744  4 snd_hda_codec_hdmi,snd_hda_intel,snd_hda_codec,snd_pcm_oss
snd_seq_midi           12848  0 
snd_rawmidi            23060  1 snd_seq_midi
snd_seq_midi_event     13316  1 snd_seq_midi
radeon                648863  2 
snd_seq                45093  2 snd_seq_midi,snd_seq_midi_event
ttm                    48725  1 radeon
drm_kms_helper         27227  1 radeon
drm                   167371  4 radeon,ttm,drm_kms_helper
snd_timer              22917  2 snd_pcm,snd_seq
snd_seq_device         13176  3 snd_seq_midi,snd_rawmidi,snd_seq
i2c_i801               16870  0 
i2c_algo_bit           12841  1 radeon
snd                    52798  12 snd_hda_codec_hdmi,snd_hda_codec_analog,snd_hda_intel,snd_hda_codec,snd_hwdep,snd_pcm_oss,snd_mixer_oss,snd_pcm,snd_rawmidi,snd_seq,snd_timer,snd_seq_device
processor              27949  1 acpi_cpufreq
iTCO_wdt               17081  0 
iTCO_vendor_support    12704  1 iTCO_wdt
soundcore              13065  1 snd
i2c_core               23876  5 radeon,drm_kms_helper,drm,i2c_i801,i2c_algo_bit
psmouse                55543  0 
thermal_sys            18040  1 processor
evdev                  17562  3 
pcspkr                 12579  0 
snd_page_alloc         13003  2 snd_hda_intel,snd_pcm
power_supply           13475  1 radeon
serio_raw              12850  0 
asus_atk0110           17297  0 
button                 12937  0 
ext4                  312988  5 
mbcache                13065  1 ext4
jbd2                   62015  1 ext4
crc16                  12343  1 ext4
btrfs                 478019  1 
zlib_deflate           25638  1 btrfs
crc32c                 12656  1 
libcrc32c              12426  1 btrfs
dm_mod                 63353  49 dm_snapshot
raid1                  30716  1 
md_mod                 87742  2 raid1
sr_mod                 21899  0 
cdrom                  35401  1 sr_mod
sd_mod                 36136  6 
crc_t10dif             12348  1 sd_mod
usbhid                 36379  0 
hid                    77192  1 usbhid
uhci_hcd               26865  0 
ahci                   24997  4 
libahci                22860  1 ahci
libata                140545  2 ahci,libahci
firewire_ohci          31530  0 
skge                   40815  0 
firewire_core          48407  2 firewire_sbp2,firewire_ohci
crc_itu_t              12347  1 firewire_core
ehci_hcd               40215  0 
sky2                   45309  0 
scsi_mod              162376  4 firewire_sbp2,sr_mod,sd_mod,libata
usbcore               124095  4 usbhid,uhci_hcd,ehci_hcd

-- /etc/initramfs-tools/modules

-- /etc/kernel-img.conf
# Kernel image management overrides
# See kernel-img.conf(5) for details
do_symlinks = yes
do_bootloader = no
do_initrd = yes
link_in_boot = no

-- /etc/initramfs-tools/initramfs.conf
MODULES=most
BUSYBOX=y
KEYMAP=n
COMPRESS=gzip
BOOT=local
DEVICE=
NFSROOT=auto

-- /etc/initramfs-tools/update-initramfs.conf
update_initramfs=yes
backup_initramfs=no

-- /proc/mdstat
Personalities : [raid1] 
md1 : active raid1 sdb3[0] sda3[1]
      976752504 blocks super 1.2 [2/2] [UU]
      
unused devices: <none>

-- mkinitramfs hooks
/etc/initramfs-tools/hooks/:

/usr/share/initramfs-tools/hooks:
btrfs
busybox
dmsetup
fuse
keymap
klibc
lvm2
mdadm
ntfs_3g
thermal
udev


-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (550, 'unstable'), (500, 'testing'), (400, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.1.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages initramfs-tools depends on:
ii  cpio               2.11-7
ii  findutils          4.4.2-4
ii  klibc-utils        1.5.25-1.1
ii  module-init-tools  3.16-1
ii  udev               175-3

Versions of packages initramfs-tools recommends:
ii  busybox  1:1.19.3-5

Versions of packages initramfs-tools suggests:
ii  bash-completion  1:1.3-1

-- no debconf information

Reply to:

Prev by Date: Bug#652119: Bad pagetable 000f
Next by Date: Bug#597429: [spamfang1199@yahoo.de: Re: [radeon] firefox often crashes whole system]
Previous by thread: Processed: severity of 655152 is normal
Next by thread: Bug#597429: [spamfang1199@yahoo.de: Re: [radeon] firefox often crashes whole system]
Index(es):
- Date
- Thread