linux-hardened/fs/pstore
Kees Cook c71b02e4d2 Revert "pstore: Honor dmesg_restrict sysctl on dmesg dumps"
This reverts commit 68c4a4f8ab, with
various conflict clean-ups.

The capability check required too much privilege compared to simple DAC
controls. A system builder was forced to have crash handler processes
run with CAP_SYSLOG which would give it the ability to read (and wipe)
the _current_ dmesg, which is much more access than being given access
only to the historical log stored in pstorefs.

With the prior commit to make the root directory 0750, the files are
protected by default but a system builder can now opt to give access
to a specific group (via chgrp on the pstorefs root directory) without
being forced to also give away CAP_SYSLOG.

Suggested-by: Nick Kralevich <nnk@google.com>
Signed-off-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Petr Mladek <pmladek@suse.cz>
Reviewed-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
2017-08-17 16:29:19 -07:00
..
ftrace.c pstore: Remove write_buf() callback 2017-03-07 14:01:02 -08:00
inode.c Revert "pstore: Honor dmesg_restrict sysctl on dmesg dumps" 2017-08-17 16:29:19 -07:00
internal.h Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-15 12:00:42 -07:00
Kconfig docs: fix locations of several documents that got moved 2016-10-24 08:12:35 -02:00
Makefile pstore: add pstore unregister 2015-10-22 08:59:18 -07:00
platform.c Merge branch 'work.mount' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-07-15 12:00:42 -07:00
pmsg.c pstore: Create common record initializer 2017-05-31 10:13:44 -07:00
ram.c pstore: Populate pstore record->time field 2017-05-31 10:13:44 -07:00
ram_core.c pstore: Use dynamic spinlock initializer 2017-03-07 08:21:38 -08:00