Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Kees Cook <kees.cook <at> canonical.com>
Subject: [PATCH 2/2] debugfs: only allow root access to debugging interfaces
Newsgroups: gmane.linux.kernel
Date: Tuesday 22nd February 2011 18:09:58 UTC (over 5 years ago)
Block access to the potentially dangerous debugging interfaces in
the debugfs filesystem.

Signed-off-by: Kees Cook 
---
 fs/debugfs/inode.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/fs/debugfs/inode.c b/fs/debugfs/inode.c
index 3cb33c3..83c61a3 100644
--- a/fs/debugfs/inode.c
+++ b/fs/debugfs/inode.c
@@ -133,7 +133,7 @@ static int debug_fill_super(struct super_block *sb,
void *data, int silent)
 	static struct tree_descr debug_files[] = {{""}};
 
 	return simple_fill_super(sb, DEBUGFS_MAGIC, debug_files,
-				 S_IWUSR | S_IRUGO | S_IXUGO);
+				 S_IRWXU);
 }
 
 static struct dentry *debug_mount(struct file_system_type *fs_type,
-- 
1.7.2.3
 
CD: 42ms