/proc/kmsg fix

Topi Miettinen (Topi.Miettinen@medialab.sonera.net)
Sun, 08 Nov 1998 19:37:11 +0200

This patch changes /proc/kmsg so that an open file descriptor can be passed
to non-privileged process, while still preserving other access
restrictions. This allows klogd to change user to nobody after opening
/proc/kmsg.

$ cat /proc/kmsg
cat: /proc/kmsg: Permission denied

(kill klogd when you test this)
Patched kernel:
# su - nobody -c /bin/cat </proc/kmsg
<6>sr0: CDROM not ready. Make sure there is a disc in the drive.

Unpatched:
# su - nobody -c /bin/cat </proc/kmsg
/bin/cat: -: Operation not permitted

-Topi

diff -ru linux-2.1.125/drivers/scsi/gdth.c.orig linux-2.1.125/drivers/scsi/gdth.c
--- linux-2.1.125/drivers/scsi/gdth.c.orig Wed Sep 9 18:56:58 1998
+++ linux-2.1.125/drivers/scsi/gdth.c Sat Nov 7 16:06:55 1998
@@ -167,8 +167,7 @@

#ifdef DEBUG_GDTH
static unchar DebugState = DEBUG_GDTH;
-extern int sys_syslog(int,char*,int);
-#define LOGEN sys_syslog(7,NULL,0);
+#define LOGEN do_syslog(7,NULL,0);
#define WAITSEC(a) mdelay((a)*1000)

#ifdef SLOWMOTION_GDTH
diff -ru linux-2.1.125/fs/proc/kmsg.c.orig linux-2.1.125/fs/proc/kmsg.c
--- linux-2.1.125/fs/proc/kmsg.c.orig Mon Aug 24 23:14:09 1998
+++ linux-2.1.125/fs/proc/kmsg.c Sat Nov 7 16:00:18 1998
@@ -17,23 +17,21 @@
extern unsigned long log_size;
extern struct wait_queue * log_wait;

-asmlinkage int sys_syslog(int type, char * bug, int count);
-
static int kmsg_open(struct inode * inode, struct file * file)
{
- return sys_syslog(1,NULL,0);
+ return do_syslog(1,NULL,0);
}

static int kmsg_release(struct inode * inode, struct file * file)
{
- (void) sys_syslog(0,NULL,0);
+ (void) do_syslog(0,NULL,0);
return 0;
}

static ssize_t kmsg_read(struct file * file, char * buf,
size_t count, loff_t *ppos)
{
- return sys_syslog(2,buf,count);
+ return do_syslog(2,buf,count);
}

static unsigned int kmsg_poll(struct file *file, poll_table * wait)
diff -ru linux-2.1.125/include/linux/kernel.h.orig linux-2.1.125/include/linux/kernel.h
--- linux-2.1.125/include/linux/kernel.h.orig Tue Oct 6 18:32:37 1998
+++ linux-2.1.125/include/linux/kernel.h Sat Nov 7 16:01:05 1998
@@ -50,6 +50,8 @@

extern int session_of_pgrp(int pgrp);

+extern int do_syslog(int type, char *buf, int len);
+
asmlinkage int printk(const char * fmt, ...)
__attribute__ ((format (printf, 1, 2)));

diff -ru linux-2.1.125/kernel/printk.c.orig linux-2.1.125/kernel/printk.c
--- linux-2.1.125/kernel/printk.c.orig Fri Aug 21 00:47:30 1998
+++ linux-2.1.125/kernel/printk.c Sat Nov 7 16:13:30 1998
@@ -123,15 +123,19 @@
*/
asmlinkage int sys_syslog(int type, char * buf, int len)
{
+ if ((type == 3) || capable(CAP_SYS_ADMIN))
+ return do_syslog(type, buf, len);
+ return -EPERM;
+}
+
+int do_syslog(int type, char *buf, int len)
+{
unsigned long i, j, count, flags;
int do_clear = 0;
char c;
- int error = -EPERM;
+ int error = 0;

lock_kernel();
- if ((type != 3) && !capable(CAP_SYS_ADMIN))
- goto out;
- error = 0;
switch (type) {
case 0: /* Close log */
break;

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/