On Mon, Mar 14, 2011 at 10:26:05PM -0400, James Bottomley wrote: > On Sat, 2011-03-12 at 23:23 +0300, Vasiliy Kulikov wrote: > > > Vasiliy Kulikov (20): > > > mach-ux500: mbox-db5500: world-writable sysfs fifo file > > > leds: lp5521: world-writable sysfs engine* files > > > leds: lp5523: world-writable engine* sysfs files > > > misc: ep93xx_pwm: world-writable sysfs files > > > rtc: rtc-ds1511: world-writable sysfs nvram file > > > scsi: aic94xx: world-writable sysfs update_bios file > > > scsi: iscsi: world-writable sysfs priv_sess file > > > > These are still not merged :( > > OK, so I've not been tracking where we are in the dizzying ride on > security systems. However, I thought we landed up in the privilege > separation arena using capabilities. That means that world writeable > files aren't necessarily a problem as long as the correct capabilities > checks are in place, right?
There are no capability checks on sysfs files right now, so these all need to be fixed. thanks, greg k-h -- You received this message because you are subscribed to the Google Groups "open-iscsi" group. To post to this group, send email to open-iscsi@googlegroups.com. To unsubscribe from this group, send email to open-iscsi+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/open-iscsi?hl=en.
