|
Message-ID: <CAKTCnzkfNjDJpOwMnhzH0OVZOJWRWgOSyP-n=KyXXZM_M1uq4Q@mail.gmail.com> Date: Mon, 19 Sep 2011 22:50:02 +0530 From: Balbir Singh <bsingharora@...il.com> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Vasiliy Kulikov <segoon@...nwall.com>, Shailabh Nagar <nagar@...ibm.com>, linux-kernel@...r.kernel.org, security@...nel.org, Eric Paris <eparis@...hat.com>, Stephen Wilson <wilsons@...rt.ca>, KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>, David Rientjes <rientjes@...gle.com>, Andrew Morton <akpm@...ux-foundation.org>, Balbir Singh <balbir@...ux.vnet.ibm.com>, kernel-hardening@...ts.openwall.com Subject: Re: [Security] [PATCH 2/2] taskstats: restrict access to user On Mon, Sep 19, 2011 at 10:10 PM, Linus Torvalds <torvalds@...ux-foundation.org> wrote: > > On Thu, Jun 30, 2011 at 8:02 PM, Balbir Singh <bsingharora@...il.com> wrote: > >> > >> So that's why I think it should be marked BROKEN. What applications > >> actually depend on this? iotop and what else? Because if it's just > >> iotop, I do suspect we might be better off telling people "ok, > >> disabling this will break iotop, but quite frankly, you're better off > >> without it". > > > > I beg to differ, due to the reasons above. I'd rather find time and > > fix the pending issues (network namespace), you've fixed the pid > > namespace issue. I'd also look for exiting listeners > > So nothing ever happened on this thread, afaik. > > You can still read sensitive information at a byte granularity with taskstats. > > Balbir never sent any of the fixes he was supposed to, and none of the > namespace issues have gotten fixed. > > It's now almost three months later, and things are still equally broken. > > I think we need to just disable TASKSTAT's. Nobody maintains it, it's > been a known issue for months, people pointed out problems and even > sent patches, and nothing happened. > > Maybe we can minimize it with the appended patch, but dammit, we need > to do *something*. If I don't get any reasonable replies, I'm really > going to have to mark this as known-BROKEN, since nothing ever > happens, and the "maintainer" clearly doesn't care about security > issues. > Sorry, I've been bogged down with work issues and have not had time to look at it. If someone else wants to take a look while I am busy, I'd be happy. The patch you've sent seems reasonable, but I'd suggest a changelog "Change taskstats user interface, henceforth we need (for security purposes) CAP_SYS_ADMIN to receive taskstats data on a particular CPU, a subset or all CPUs on the system. The patch also rounds the data returned to the KiloByte boundary for IO parameters, read_bytes, write_bytes and cancelled_write_bytes" Thanks for looking into this. Balbir
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.