On 10/09/2012 12:01 PM, csgrewa wrote:
> I noticed that the Android logging subsystem does not presently enforce
> any restriction on the ability to flush logs. Would it be reasonable to
> impose the same restrictions on log flushing as exists for other
> privileged logging operations (such as reading), as shown by the below
> patch.
>
> Would such a patch be acceptable if uploaded to AOSP and if so, which
> kernel tree and branch should be targeted?
I don't know if the code below is correct or not (I'm not familiar with
capabilities work). However, if the Android kernel developers think
it's worthwhile, it might be easier to submit it upstream to the kernel
mailing list, rather than into an AOSP repository.
-- Tim
>
> diff --git a/drivers/staging/android/logger.c
> b/drivers/staging/android/logger.c
> index 3e09d57..c0b2954 100644
> --- a/drivers/staging/android/logger.c
> +++ b/drivers/staging/android/logger.c
> @@ -633,6 +633,13 @@ static long logger_ioctl(struct file *file,
> unsigned int cmd, unsigned long arg)
> ret = -EBADF;
> break;
> }
> +
> + if (!(in_egroup_p(file->f_dentry->d_inode->i_gid)
> + || capable(CAP_SYSLOG))) {
> + ret = -EBADF;
> + break;
> + }
> +
> list_for_each_entry(reader, &log->readers, list)
> reader->r_off = log->w_off;
> log->head = log->w_off;
>
--
=============================
Tim Bird
Architecture Group Chair, CE Workgroup of the Linux Foundation
Senior Staff Engineer, Sony Network Entertainment
=============================
--
unsubscribe: [email protected]
website: http://groups.google.com/group/android-kernel
