Hi Frank, Attached is the patch integrating dmcrypt-get-device functionality with code in eject.c. Please let me know if you have any comments or suggestions on the patch. I have created this patch over the latest eject_2.1.5+deb1+cvs20081104-12 version.
Thanks, Bhushan Jain ________________________________________ From: Bhushan Jain Sent: Sunday, December 09, 2012 4:51 PM To: Frank Lichtenheld; 695...@bugs.debian.org Subject: RE: Bug#695504: eject: Avoid setuid to root for dmcrypt-get-device ________________________________________ From: flichtenhel...@gmail.com [flichtenhel...@gmail.com] on behalf of Frank Lichtenheld [dj...@debian.org] Sent: Sunday, December 09, 2012 9:16 AM To: Bhushan Jain; 695...@bugs.debian.org Subject: Re: Bug#695504: eject: Avoid setuid to root for dmcrypt-get-device 2012/12/9 Bhushan Jain <bpj...@cs.stonybrook.edu> > Dear Maintainer, > I noticed that the only reason dmcrypt-get-device (from eject package) needs > setuid privilege is to read the major:minor numbers (unless I have missed > something). > A lot of distributions are trying to avoid use of the setuid bit because it > can potentially introduce a privilege escalation attack vector. > I think the same thing could be accomplished by reading the major:minor > device numbers through a sys file, and then eliminate the need for > dmcrypt-get-device to be setuid-to-root. > The major:minor numbers are available in the file /sys/block/dm-*/dev and the > corresponding device name can be confirmed from file /sys/block/dm-*/dm/name. > Martin Pitt - the author of dmcrypt-get-device.c - suggested that I should > send the patch here and you could help integrate and comment on the patch. > Attached is the patch for dmcrypt-get-device.c. Thanks, looks reasonable (although I don't have a setup currently to test it). Questions and comments: * Since the only reason this code is in a separate binary is the setuid bit, the code should probably be integrated directly into eject. Would you be willing to extend your patch to do that? Sure. I will send a patch for eject package soon. * Do you know if that code is dependent on a recent kernel version or if it works for older ones, too? (e.g. Debian stable) It is not dependent on recent kernel version. Infact, I have confirmed that it works on kernel version 2.6.35-22 as well. Cheers, -- Frank Lichtenheld <dj...@debian.org> Thanks, Bhushan Jain
eject_2.1.5+deb1+cvs20081104-12-no-dmcrypt-get-device.diff.gz
Description: eject_2.1.5+deb1+cvs20081104-12-no-dmcrypt-get-device.diff.gz
