This patch changes the permissions of the /proc/bus/pci directory entry,
so, non-root users are restricted of accessing it's content.
It's also available at:
http://pearls.tuxedo-es.org/patches/security/proc-privacy-1_drivers_pci_proc.c.patch
--
Lorenzo Hernández García-Hierro <[EMAIL PROTECTED]>
[1024D/6F2B2DEC] & [2048g/9AE91A22][http://tuxedo-es.org]
diff -puN drivers/pci/proc.c~proc-privacy-1 drivers/pci/proc.c
--- linux-2.6.11/drivers/pci/proc.c~proc-privacy-1 2005-04-17 17:50:49.033817704 +0200
+++ linux-2.6.11-lorenzo/drivers/pci/proc.c 2005-04-17 17:55:11.321943848 +0200
@@ -565,7 +565,7 @@ static struct file_operations proc_pci_o
static void legacy_proc_init(void)
{
- struct proc_dir_entry * entry = create_proc_entry("pci", 0, NULL);
+ struct proc_dir_entry * entry = create_proc_entry("pci", S_IRUSR, NULL);
if (entry)
entry->proc_fops = &proc_pci_operations;
}
@@ -594,7 +594,7 @@ static int __init pci_proc_init(void)
{
struct proc_dir_entry *entry;
struct pci_dev *dev = NULL;
- proc_bus_pci_dir = proc_mkdir("pci", proc_bus);
+ proc_bus_pci_dir = proc_mkdir_mode("pci", S_IRUSR | S_IXUSR, proc_bus);
entry = create_proc_entry("devices", 0, proc_bus_pci_dir);
if (entry)
entry->proc_fops = &proc_bus_pci_dev_operations;
signature.asc
Description: This is a digitally signed message part
