Re: Enabling the kernel's DMESG_RESTRICT feature

2011-06-02 Thread Matt Zimmerman
On Thu, Jun 02, 2011 at 10:16:04AM -0700, Kees Cook wrote: On Thu, Jun 02, 2011 at 09:11:51AM -0500, Serge Hallyn wrote: Quoting Matt Zimmerman (m...@ubuntu.com): Maybe I'm weird, but I use dmesg for a lot of normal tasks, not just debugging problems which will require root to fix. The

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-06-02 Thread Kees Cook
On Thu, Jun 02, 2011 at 06:20:28PM +0100, Matt Zimmerman wrote: On Thu, Jun 02, 2011 at 10:16:04AM -0700, Kees Cook wrote: On Thu, Jun 02, 2011 at 09:11:51AM -0500, Serge Hallyn wrote: Quoting Matt Zimmerman (m...@ubuntu.com): Maybe I'm weird, but I use dmesg for a lot of normal tasks,

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-06-02 Thread Dustin Kirkland
On Thu, Jun 2, 2011 at 8:14 AM, Matt Zimmerman m...@ubuntu.com wrote: On Fri, May 27, 2011 at 10:17:59AM -0700, Kees Cook wrote: On Fri, May 27, 2011 at 04:29:33PM +0100, Matt Zimmerman wrote: On Thu, May 26, 2011 at 04:55:59PM -0700, Kees Cook wrote: I won't say it doesn't complicate

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-06-02 Thread Steve Beattie
On Thu, Jun 02, 2011 at 10:24:48AM -0700, Kees Cook wrote: On Thu, Jun 02, 2011 at 06:20:28PM +0100, Matt Zimmerman wrote: On Thu, Jun 02, 2011 at 10:16:04AM -0700, Kees Cook wrote: Aren't we all supposed to use udisks --enumerate now? :) I hadn't used that before. You got my hopes up,

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-27 Thread Matt Zimmerman
On Thu, May 26, 2011 at 04:55:59PM -0700, Kees Cook wrote: I won't say it doesn't complicate things, but I would like to point out that everyone else's suggestion for this is to completely remove the values from the dmesg report itself, rendering it unavailable to any user, even root. It

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-27 Thread John McCabe-Dansted
On Fri, May 27, 2011 at 7:44 AM, Kees Cook k...@ubuntu.com wrote: The problem is that dmesg is just a log. The contents can't be adjusted based on who is viewing it (like has been done for the %pK sprintf uses in /proc, /sys, etc). Things like Oops reports will go to dmesg, which are

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-26 Thread Matt Zimmerman
On Tue, May 24, 2011 at 11:46:48AM -0700, Kees Cook wrote: As we have continued to close kernel address leaks, the kernel syslog (dmesg) remains one of the last large places where information is being reported. As such, I want to close this off from regular users so that local kernel exploits

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-26 Thread Clint Byrum
Excerpts from Kees Cook's message of Wed May 25 10:01:12 -0700 2011: On Wed, May 25, 2011 at 08:07:14AM -0400, Scott Kitterman wrote: On Tuesday, May 24, 2011 06:00:17 PM Clint Byrum wrote: Excerpts from Kees Cook's message of Tue May 24 11:46:48 -0700 2011: One unresolved problem is

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-26 Thread Kees Cook
On Wed, May 25, 2011 at 09:36:16PM +0200, Martin Pitt wrote: So if needed, you can implement attach_dmesg() with attach_root_command_outputs(). Ah, perfect. That'll be the way to go, then. But aside from that I do agree with Steve that it both seems a lot safer as well as more convenient and

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-26 Thread Kees Cook
On Wed, May 25, 2011 at 09:37:47PM +0200, Martin Pitt wrote: Kees Cook [2011-05-25 12:05 -0700]: Currently, the upstream kernel folks have rejected filtering printk. That's not actually what I meant. Don't filter the outputs of printk() with some regexps. I meant just kill the printk() call

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-26 Thread Kees Cook
On Wed, May 25, 2011 at 11:49:45AM -0700, Steve Langasek wrote: On Tue, May 24, 2011 at 11:46:48AM -0700, Kees Cook wrote: In Oneiric, I'd like to change the default availability of yet another long-standing system debugging feature: dmesg. I think this is a bridge too far. dmesg is a

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-25 Thread Kees Cook
On Wed, May 25, 2011 at 08:07:14AM -0400, Scott Kitterman wrote: On Tuesday, May 24, 2011 06:00:17 PM Clint Byrum wrote: Excerpts from Kees Cook's message of Tue May 24 11:46:48 -0700 2011: One unresolved problem is that the local default user (who is part of admin) is also part of the

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-25 Thread Kees Cook
Hi Brad, On Tue, May 24, 2011 at 05:53:22PM -0700, Brad Figg wrote: On 05/24/2011 04:49 PM, Kees Cook wrote: On Tue, May 24, 2011 at 03:59:53PM -0700, Bryce Harrington wrote: On Tue, May 24, 2011 at 11:46:48AM -0700, Kees Cook wrote: Hello! In Oneiric, I'd like to change the default

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-25 Thread Kees Cook
On Wed, May 25, 2011 at 06:41:52AM +0200, Martin Pitt wrote: Kees Cook [2011-05-24 11:46 -0700]: $ dmesg | grep -m1 text [0.00] .text : 0xc100 - 0xc15112a1 (5188 kB) Would it be possible to have the kernel just not log the addresses in the first place? It seems kind of

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-25 Thread Martin Pitt
Hello Kees, all, Kees Cook [2011-05-25 10:03 -0700]: Yeah, the problem is that it's not a one-time question (see the bug above), so that each time we need privileges to gather data, apport will prompt for the sudo password _again_. :( One word: attach_root_command_outputs() :) Hooks can and

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-25 Thread Kees Cook
On Wed, May 25, 2011 at 08:27:01PM +0200, Martin Pitt wrote: Hello Kees, all, Kees Cook [2011-05-25 10:03 -0700]: Yeah, the problem is that it's not a one-time question (see the bug above), so that each time we need privileges to gather data, apport will prompt for the sudo password

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-25 Thread Kees Cook
On Wed, May 25, 2011 at 11:49:45AM -0700, Steve Langasek wrote: I'd much rather we find a way to fix it so the information *logged* to these files isn't privileged to the point that it can't be exposed to admins, instead of gutting admins' ability to make use of these crucial logs. Currently,

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-25 Thread Bryce Harrington
On Wed, May 25, 2011 at 12:01:42PM -0700, Kees Cook wrote: On Wed, May 25, 2011 at 08:27:01PM +0200, Martin Pitt wrote: Hello Kees, all, Kees Cook [2011-05-25 10:03 -0700]: Yeah, the problem is that it's not a one-time question (see the bug above), so that each time we need

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-25 Thread Martin Pitt
Kees Cook [2011-05-25 12:05 -0700]: Currently, the upstream kernel folks have rejected filtering printk. That's not actually what I meant. Don't filter the outputs of printk() with some regexps. I meant just kill the printk() call that prints the address. Why would you even need to printk() it

Enabling the kernel's DMESG_RESTRICT feature

2011-05-24 Thread Kees Cook
Hello! In Oneiric, I'd like to change the default availability of yet another long-standing system debugging feature: dmesg. Since Linux 2.6.37, CONFIG_DMESG_RESTRICT (/proc/sys/kernel/dmesg_restrict) has existed[1], but the default in Ubuntu has been to leave dmesg available to unprivileged

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-24 Thread Clint Byrum
Excerpts from Kees Cook's message of Tue May 24 11:46:48 -0700 2011: One unresolved problem is that the local default user (who is part of admin) is also part of the adm group, which means these log files are visible without additional privileges: -rw-r- 1 root adm 25937 2011-05-24

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-24 Thread Bryce Harrington
On Tue, May 24, 2011 at 11:46:48AM -0700, Kees Cook wrote: Hello! In Oneiric, I'd like to change the default availability of yet another long-standing system debugging feature: dmesg. Thoughts, flames, etc? See https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/716595 for some sudo

Re: Enabling the kernel's DMESG_RESTRICT feature

2011-05-24 Thread Martin Pitt
Hey Kees, Kees Cook [2011-05-24 11:46 -0700]: $ dmesg | grep -m1 text [0.00] .text : 0xc100 - 0xc15112a1 (5188 kB) Would it be possible to have the kernel just not log the addresses in the first place? It seems kind of pointless to make a big effort of randomizing these and