2012/12/9 Bhushan Jain <bpj...@cs.stonybrook.edu> > Dear Maintainer, > I noticed that the only reason dmcrypt-get-device (from eject package) needs > setuid privilege is to read the major:minor numbers (unless I have missed > something). > A lot of distributions are trying to avoid use of the setuid bit because it > can potentially introduce a privilege escalation attack vector. > I think the same thing could be accomplished by reading the major:minor > device numbers through a sys file, and then eliminate the need for > dmcrypt-get-device to be setuid-to-root. > The major:minor numbers are available in the file /sys/block/dm-*/dev and the > corresponding device name can be confirmed from file /sys/block/dm-*/dm/name. > Martin Pitt - the author of dmcrypt-get-device.c - suggested that I should > send the patch here and you could help integrate and comment on the patch. > Attached is the patch for dmcrypt-get-device.c.
Thanks, looks reasonable (although I don't have a setup currently to test it). Questions and comments: * Since the only reason this code is in a separate binary is the setuid bit, the code should probably be integrated directly into eject. Would you be willing to extend your patch to do that? * Do you know if that code is dependent on a recent kernel version or if it works for older ones, too? (e.g. Debian stable) Cheers, -- Frank Lichtenheld <dj...@debian.org> -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
