* sticky bits in /proc etc
@ 2020-06-10 14:24 jim.cromie
2020-06-11 3:37 ` Valdis Klētnieks
0 siblings, 1 reply; 3+ messages in thread
From: jim.cromie @ 2020-06-10 14:24 UTC (permalink / raw)
To: kernelnewbies
Id like to ask about a possible new use for file and directory sticky bits,
or setuid bits, to address the root-only use of /proc (etc) files
this needs root
echo module kvm +p > /proc/dynamic_debug/control
how about this ?
cat root-owned-readonly-file > /proc/dynamic_debug/control
the root-owned-file can define a fixed set of dprintk enablements,
and since its ro, its contents are controlled.
is there some combination of special-bits on the source (ro root owned)
and destination (root owned)
that could safely allow joe-user to cat that file into control ?
If it could fit here, it might then be a general workaround to root-shell access
for /proc /sys manipulations
_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: sticky bits in /proc etc
2020-06-10 14:24 sticky bits in /proc etc jim.cromie
@ 2020-06-11 3:37 ` Valdis Klētnieks
2020-06-11 15:07 ` jim.cromie
0 siblings, 1 reply; 3+ messages in thread
From: Valdis Klētnieks @ 2020-06-11 3:37 UTC (permalink / raw)
To: jim.cromie; +Cc: kernelnewbies
[-- Attachment #1.1: Type: text/plain, Size: 1006 bytes --]
On Wed, 10 Jun 2020 08:24:17 -0600, jim.cromie@gmail.com said:
> Id like to ask about a possible new use for file and directory sticky bits,
> or setuid bits, to address the root-only use of /proc (etc) files
The sticky bit and setuid/gid bits already have meanings for directories,
and changing the semantics will break existing code.
> this needs root
>
> echo module kvm +p > /proc/dynamic_debug/control
>
> how about this ?
>
> cat root-owned-readonly-file > /proc/dynamic_debug/control
Nope, doesn't work that way, because the file in /proc has no way to tell that
it's cat doing it from a root-owned file, versus cat doing it from a
hacker-owned file. As far as the /proc file is concerned, the "echo" and "cat"
commands are identical.
If you have an actual need for non-root users to do this, there's always the
fact that 'sudo' can be restricted to specific commands for the user, and/or
the use of set-UID helper programs that validate the request and then issue it
on the user's behalf.
[-- Attachment #1.2: Type: application/pgp-signature, Size: 832 bytes --]
[-- Attachment #2: Type: text/plain, Size: 170 bytes --]
_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: sticky bits in /proc etc
2020-06-11 3:37 ` Valdis Klētnieks
@ 2020-06-11 15:07 ` jim.cromie
0 siblings, 0 replies; 3+ messages in thread
From: jim.cromie @ 2020-06-11 15:07 UTC (permalink / raw)
To: Valdis Klētnieks; +Cc: kernelnewbies
On Wed, Jun 10, 2020 at 9:37 PM Valdis Klētnieks
<valdis.kletnieks@vt.edu> wrote:
>
> On Wed, 10 Jun 2020 08:24:17 -0600, jim.cromie@gmail.com said:
> > Id like to ask about a possible new use for file and directory sticky bits,
> > or setuid bits, to address the root-only use of /proc (etc) files
>
> The sticky bit and setuid/gid bits already have meanings for directories,
> and changing the semantics will break existing code.
>
ok, Id more or less expected this.
the only escape might have been that those meanings pertain to a "real" FS,
and might be irrelevant to a synthetic/virtual fs like /proc or /sys
> > this needs root
> >
> > echo module kvm +p > /proc/dynamic_debug/control
> >
> > how about this ?
> >
> > cat root-owned-readonly-file > /proc/dynamic_debug/control
>
> Nope, doesn't work that way, because the file in /proc has no way to tell that
> it's cat doing it from a root-owned file, versus cat doing it from a
> hacker-owned file. As far as the /proc file is concerned, the "echo" and "cat"
> commands are identical.
>
> If you have an actual need for non-root users to do this, there's always the
> fact that 'sudo' can be restricted to specific commands for the user, and/or
> the use of set-UID helper programs that validate the request and then issue it
> on the user's behalf.
>
I have no actual need, more just wondering aloud.
thanks
Jim
_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-06-11 15:10 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-06-10 14:24 sticky bits in /proc etc jim.cromie
2020-06-11 3:37 ` Valdis Klētnieks
2020-06-11 15:07 ` jim.cromie
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).