I noticed that the Android logging subsystem does not presently enforce
any restriction on the ability to flush logs. Would it be reasonable to
impose the same restrictions on log flushing as exists for other
privileged logging operations (such as reading), as shown by the below
patch.
Would such a patch be acceptable if uploaded to AOSP and if so, which
kernel tree and branch should be targeted?
diff --git a/drivers/staging/android/logger.c
b/drivers/staging/android/logger.c
index 3e09d57..c0b2954 100644
--- a/drivers/staging/android/logger.c
+++ b/drivers/staging/android/logger.c
@@ -633,6 +633,13 @@ static long logger_ioctl(struct file *file,
unsigned int cmd, unsigned long arg)
ret = -EBADF;
break;
}
+
+ if (!(in_egroup_p(file->f_dentry->d_inode->i_gid)
+ || capable(CAP_SYSLOG))) {
+ ret = -EBADF;
+ break;
+ }
+
list_for_each_entry(reader, &log->readers, list)
reader->r_off = log->w_off;
log->head = log->w_off;
--
unsubscribe: android-kernel+unsubscr...@googlegroups.com
website: http://groups.google.com/group/android-kernel
