Non-root user may read the key back after root wrote it there. This removes read access to everyone but root.
Signed-off-by: Yehezkel Bernat <[email protected]> --- drivers/thunderbolt/switch.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/thunderbolt/switch.c b/drivers/thunderbolt/switch.c index 69fde0b..8510abc 100644 --- a/drivers/thunderbolt/switch.c +++ b/drivers/thunderbolt/switch.c @@ -826,7 +826,7 @@ static ssize_t key_store(struct device *dev, struct device_attribute *attr, mutex_unlock(&switch_lock); return ret; } -static DEVICE_ATTR_RW(key); +static DEVICE_ATTR(key, 0600, key_show, key_store); static ssize_t nvm_authenticate_show(struct device *dev, struct device_attribute *attr, char *buf) -- 2.7.4
