1. 11 Nov, 2007 1 commit
    • Alan Cox's avatar
      [SCSI] aacraid: fix security weakness · 5f78e89b
      Alan Cox authored
      Actually there are several but one is trivially fixed
      
      1.	FSACTL_GET_NEXT_ADAPTER_FIB ioctl does not lock dev->fib_list
      but needs to
      2.	Ditto for FSACTL_CLOSE_GET_ADAPTER_FIB
      3.	It is possible to construct an attack via the SRB ioctls where
      the user obtains assorted elevated privileges. Various approaches are
      possible, the trivial ones being things like writing to the raw media
      via scsi commands and the swap image of other executing programs with
      higher privileges.
      
      So the ioctls should be CAP_SYS_RAWIO - at least all the FIB manipulating
      ones. This is a bandaid fix for #3 but probably the ioctls should grow
      their own capable checks. The other two bugs need someone competent in that
      driver to fix them.
      Signed-off-by: default avatarAlan Cox <alan@redhat.com>
      Acked-by: default avatarMark Salyzyn <mark_salyzyn@adaptec.com>
      Signed-off-by: default avatarJames Bottomley <James.Bottomley@HansenPartnership.com>
      5f78e89b
  2. 07 Nov, 2007 3 commits
  3. 06 Nov, 2007 13 commits
  4. 05 Nov, 2007 23 commits