On Fri, May 27, 2011 at 7:44 AM, Kees Cook <k...@ubuntu.com> wrote:
> The problem is that dmesg is just a log. The contents can't be adjusted
> based on who is viewing it (like has been done for the %pK sprintf
> uses in /proc, /sys, etc). Things like Oops reports will go to dmesg, which
> are utterly useless without all their addresses intact, etc.

One could also provide an suid utility that stripped out everything that looks like an address. For fun, I attach such a utility, though I am not convinced this is the best approach.

It
1) opens /var/log/dmesg
2) drops root privileges
3) filters out everything starting with '0x'

It strips out lots of things that aren't addresses, but it looks like what it leaves could still be useful for many purposes. It may well still leave some sensitive information unprotected, so I wouldn't use it when it is not needed, particularly as it may cause confusion if users mistake it for the real dmesg.

--
John C. McCabe-Dansted

#include <unistd.h>
#include <stdio.h>

int main(int argc, char **argv)
{
    int last_char = 0;
    int this_char;
    int in_address = 0;

    /* Open the log while still privileged. */
    FILE *f = fopen("/var/log/dmesg", "r");

    if (setuid(getuid())) { /* drop root privileges */
        puts("Cannot drop root privileges\n");
        return 1;
    }
    if (f == NULL) { /* checked only after privileges are dropped */
        perror("/var/log/dmesg");
        return 1;
    }

    while ((this_char = fgetc(f)) != EOF) {
        if (this_char < 33 || this_char == ']' || this_char == '-') {
            /* A space, newline or special char ends the masked run */
            in_address = 0;
        }
        if (in_address) {
            putchar('?');
        } else {
            putchar((char)this_char);
        }
        /* Everything after a "0x" is masked until the next separator */
        if (last_char == '0' && this_char == 'x') {
            in_address = 1;
        }
        last_char = this_char;
    }
    fclose(f);
    return (0);
}
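
The attached filter keys only on a "0x" prefix, while Oops call traces print addresses as bare hex inside `[<...>]`, which it passes through unchanged. The following is an added example, not part of the original message: a variant that also masks bare hex runs, where the function name `mask_hex_runs`, the 8-digit threshold and the sample lines are assumptions constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MIN_ADDR_DIGITS 8   /* assumption: a pointer prints as 8 or 16 hex digits */

/*
 * Copy `in` to `out` (which must hold strlen(in) + 1 bytes), replacing with
 * '?' every hex-digit run that either follows "0x" or is at least
 * MIN_ADDR_DIGITS long. Returns the number of characters masked.
 */
size_t mask_hex_runs(const char *in, char *out)
{
    size_t i = 0, masked = 0;

    while (in[i] != '\0') {
        size_t run = 0;
        while (isxdigit((unsigned char)in[i + run]))
            run++;
        if (run == 0) {             /* not a hex digit: copy through */
            out[i] = in[i];
            i++;
            continue;
        }
        int prefixed = i >= 2 && in[i - 2] == '0' && in[i - 1] == 'x';
        if (prefixed || run >= MIN_ADDR_DIGITS) {
            memset(out + i, '?', run);
            masked += run;
        } else {                    /* short bare run: ordinary text or number */
            memcpy(out + i, in + i, run);
        }
        i += run;
    }
    out[i] = '\0';
    return masked;
}

int main(void)
{
    /* Constructed sample lines in the style of kernel log output. */
    const char *samples[] = {
        "[<ffffffff810a1b2c>] ? do_one_initcall+0x3a/0x170",
        "BUG: unable to handle kernel paging request at c15f3a40",
        "eth0: link up, 1000Mbps",
    };
    char out[128];

    for (size_t n = 0; n < sizeof samples / sizeof samples[0]; n++) {
        mask_hex_runs(samples[n], out);
        puts(out);
    }
    return 0;
}
```

Like the attached utility, this over-masks (any 8-character hex-looking word is hidden) and cannot catch addresses printed in other forms.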