This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

[Bug runtime/10976] New: Untrusted uprobes.ko.sig shouldn't be fatal for the privileged

From: "jistone at redhat dot com" <sourceware-bugzilla at sourceware dot org>
To: systemtap at sources dot redhat dot com
Date: 17 Nov 2009 23:28:28 -0000
Subject: [Bug runtime/10976] New: Untrusted uprobes.ko.sig shouldn't be fatal for the privileged
Reply-to: sourceware-bugzilla at sourceware dot org

Users in the stapdev group and root can load their script module regardless of
whether it has an authorized signature, as long as it is not found as
MODULE_ALTERED.  The same should be true for loading uprobes.ko.  (We might even
permit this for stapusr, since it's loading from the installed runtime path...)

A missing or unauthorized uprobes.ko cert should only be fatal for non-root,
non-stapdev users -- i.e. unprivileged users only.

-- 
           Summary: Untrusted uprobes.ko.sig shouldn't be fatal for the
                    privileged
           Product: systemtap
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: runtime
        AssignedTo: systemtap at sources dot redhat dot com
        ReportedBy: jistone at redhat dot com
OtherBugsDependingO 10907
             nThis:


http://sourceware.org/bugzilla/show_bug.cgi?id=10976

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

Follow-Ups:
- [Bug runtime/10976] Untrusted uprobes.ko.sig shouldn't be fatal for the privileged
  - From: brolley at redhat dot com

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]