Re: [patch] printk from userspace

H. Peter Anvin (hpa@zytor.com)
Tue, 13 Aug 2002 21:00:38 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andrew Morton: "Re: [patch] printk from userspace"
Previous message: Rusty Russell: "Re: [TRIVIAL] Designated initializers for i386"
Maybe in reply to: Andrew Morton: "[patch] printk from userspace"
Next in thread: Andrew Morton: "Re: [patch] printk from userspace"

Benjamin LaHaise wrote:
> On Tue, Aug 13, 2002 at 08:18:18PM -0700, Andrew Morton wrote:
>
>>The patch allows userspace to issue printk's, via sys_syslog():
>
>
> This is an incredibly bad idea. It has security hole written all over it.
> Any user can now spam the kernel's log ringbuffer and overrun potentially
> important messages.
>

First of all, only CAP_SYS_ADMIN. As far as spamming the ring buffer,
that's trivial to do today by just sending a bunch of bad network
packets, or attaching a USB CD-ROM without a disc in the drive (yes,
really... on my wife's laptop it was so bad that unless she unplugged
the CD-ROM syslogd was eating her system alive), or...

-hpa

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: [patch] printk from userspace"
Previous message: Rusty Russell: "Re: [TRIVIAL] Designated initializers for i386"
Maybe in reply to: Andrew Morton: "[patch] printk from userspace"
Next in thread: Andrew Morton: "Re: [patch] printk from userspace"