________________________________________ From: flichtenhel...@gmail.com [flichtenhel...@gmail.com] on behalf of Frank Lichtenheld [dj...@debian.org] Sent: Sunday, December 09, 2012 9:16 AM To: Bhushan Jain; 695...@bugs.debian.org Subject: Re: Bug#695504: eject: Avoid setuid to root for dmcrypt-get-device
2012/12/9 Bhushan Jain <bpj...@cs.stonybrook.edu> > Dear Maintainer, > I noticed that the only reason dmcrypt-get-device (from eject package) needs > setuid privilege is to read the major:minor numbers (unless I have missed > something). > A lot of distributions are trying to avoid use of the setuid bit because it > can potentially introduce a privilege escalation attack vector. > I think the same thing could be accomplished by reading the major:minor > device numbers through a sys file, and then eliminate the need for > dmcrypt-get-device to be setuid-to-root. > The major:minor numbers are available in the file /sys/block/dm-*/dev and the > corresponding device name can be confirmed from file /sys/block/dm-*/dm/name. > Martin Pitt - the author of dmcrypt-get-device.c - suggested that I should > send the patch here and you could help integrate and comment on the patch. > Attached is the patch for dmcrypt-get-device.c. Thanks, looks reasonable (although I don't have a setup currently to test it). Questions and comments: * Since the only reason this code is in a separate binary is the setuid bit, the code should probably be integrated directly into eject. Would you be willing to extend your patch to do that? Sure. I will send a patch for eject package soon. * Do you know if that code is dependent on a recent kernel version or if it works for older ones, too? (e.g. Debian stable) It is not dependent on recent kernel version. Infact, I have confirmed that it works on kernel version 2.6.35-22 as well. Cheers, -- Frank Lichtenheld <dj...@debian.org> Thanks, Bhushan Jain -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org