RE: Possible missing security checks in usbfs?

I agree. You are right.

Lin

-----Original Message-----
From: linux-security-module-owner@vger.kernel.org [mailto:linux-security-module-owner@vger.kernel.org] On Behalf Of Greg KH Sent: Thursday, November 01, 2007 10:52 AM To: Tan, Lin
Cc: linux-security-module@vger.kernel.org Subject: Re: Possible missing security checks in usbfs?

On Thu, Nov 01, 2007 at 10:42:02AM -0500, Tan, Lin wrote:
> Thank you so much for the response. :)
>
> I think a malicious driver (in kernel space) can still call these
> functions to create a device node, which is dangerous. If this is not
> possible, then there is no security hole.

I don't see how this is possible, do you?

Remember, if you have a malicious driver in kernel space, you can do whatever you want to do, no need to try to plod through the symbol table to lookup a static symbol in a kernel module and call that, just create the device node yourself with your own code :)

thanks,

greg k-h
-
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo_at_vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html -
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html

• This message: [ Message body ]
• Next message: Greg KH: "Re: Possible missing security checks in usbfs?"
• Previous message: Tan, Lin: "RE: Possible missing security checks in usbfs?"
• In reply to: Greg KH: "Re: Possible missing security checks in usbfs?"
• Next in thread: Crispin Cowan: "Re: Possible missing security checks in usbfs?"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]