Bjørn Mork wrote:
1) mode and owner are not propagated to files below the mount point:
That's intentional to keep things simple. If you can control the x bit
on the mount point then you can control who can reach files beneath.
2) ownership and mode seem to be shared among all mount points,
Ben Hutchings b...@decadent.org.uk writes:
I would like to address this by backporting this feature:
commit d6e486868cde585842d55ba3b6ec57af090fc343
Author: Ludwig Nussel ludwig.nus...@suse.de
Date: Wed Jan 25 11:52:28 2012 +0100
debugfs: add mode, uid and gid options
and then
On Fri, 13 Jul 2012, Ben Hutchings wrote:
I certainly consider mounting of debugfs to be a significant security
liability. I'm not at all happy that people use it as the basis for
Seconded. I know of at least three ways to hardcrash boxes through
debugfs (system specific, not a kernel bug), and
Package: src:linux
Version: 3.2.21-3
Severity: important
Tags: security
As discussed here
http://lists.linux-foundation.org/pipermail/ksummit-2012-discuss/2012-July/000891.html.
I certainly consider mounting of debugfs to be a significant security
liability. I'm not at all happy that people use
On 13.07.2012 05:37, Ben Hutchings wrote:
Package: src:linux
Version: 3.2.21-3
Severity: important
Tags: security
As discussed here
http://lists.linux-foundation.org/pipermail/ksummit-2012-discuss/2012-July/000891.html.
I certainly consider mounting of debugfs to be a significant security
]] Michael Biebl
Tollef, do you know why systemd mounts debugfs by default?
No, I don't. Just asked upstream.
Is there something that should be done in the systemd package?
If it's a bad idea to mount it by default, we shouldn't, I think.
--
Tollef Fog Heen
UNIX is user friendly, it's
6 matches