Prev: [PATCH] fs: inode.c use atomic_inc_return in __iget
Next: usb debug port documentation
From: James Morris on 14 May 2010 06:20
A check for CAP_SYS_RAWIO was introduced when accessing
/proc/sys/vm/mmap_min_addr in the following patch:

commit 0e1a6ef2dea88101b056b6d9984f3325c5efced3
Author: Kees Cook <kees.cook(a)canonical.com>
Date: Sun Nov 8 09:37:00 2009 -0800

sysctl: require CAP_SYS_RAWIO to set mmap_min_addr

this has caused regressions for unprivileged userland apps which want to
read this value:

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/568844

A patch to fix this has been in -next for some time, and given the reports
of userland breakage, it should probably go into mainline before 2.6.34 --
please pull per the request below.

(The patch may also be suitable for the 2.6.32 and 2.6.33 stable trees).


The following changes since commit 6a251b0ab67989f468f4cb65179e0cf40cf8c295:
Linus Torvalds (1):
Merge branch 'for-linus' of git://git.kernel.org/.../sameo/mfd-2.6

are available in the git repository at:

git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6 for-linus

Kees Cook (1):
mmap_min_addr check CAP_SYS_RAWIO only for write

security/min_addr.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)


--
James Morris
<jmorris(a)namei.org>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
 | 
Pages: 1
Prev: [PATCH] fs: inode.c use atomic_inc_return in __iget
Next: usb debug port documentation