SG_IO and security

From: Alan Cox
Date: Thu Aug 12 2004 - 08:20:43 EST

Next message: Andi Kleen: "Re: [4/4] Network packet tracer module using kprobes interface."
Previous message: Pavel Machek: "Re: [PATCH] SCSI midlayer power management"
Next in thread: Linus Torvalds: "Re: SG_IO and security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Since the entire thread seems to have died again unresolved I'd suggest
the following patch should get into 2.6.8 so that anyone with read
access to any block device cannot issue arbitary scsi commands to it
(like writes or firmware erase)

--- drivers/block/scsi_ioctl.c~ 2004-08-12 14:14:38.078821640 +0100
+++ drivers/block/scsi_ioctl.c 2004-08-12 14:14:38.079821488 +0100
@@ -115,6 +115,8 @@
char sense[SCSI_SENSE_BUFFERSIZE];
unsigned char cmd[BLK_MAX_CDB];

+ if (!capable(CAP_SYS_RAWIO))
+ return -EPERM;
if (hdr->interface_id != 'S')
return -EINVAL;
if (hdr->cmd_len > BLK_MAX_CDB)

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andi Kleen: "Re: [4/4] Network packet tracer module using kprobes interface."
Previous message: Pavel Machek: "Re: [PATCH] SCSI midlayer power management"
Next in thread: Linus Torvalds: "Re: SG_IO and security"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]