This is the mail archive of the
systemtap@sourceware.org
mailing list for the systemtap project.
[Bug runtime/10976] New: Untrusted uprobes.ko.sig shouldn't be fatal for the privileged
- From: "jistone at redhat dot com" <sourceware-bugzilla at sourceware dot org>
- To: systemtap at sources dot redhat dot com
- Date: 17 Nov 2009 23:28:28 -0000
- Subject: [Bug runtime/10976] New: Untrusted uprobes.ko.sig shouldn't be fatal for the privileged
- Reply-to: sourceware-bugzilla at sourceware dot org
Users in the stapdev group and root can load their script module regardless of
whether it has an authorized signature, as long as it is not found as
MODULE_ALTERED. The same should be true for loading uprobes.ko. (We might even
permit this for stapusr, since it's loading from the installed runtime path...)
A missing or unauthorized uprobes.ko cert should only be fatal for non-root,
non-stapdev users -- i.e. unprivileged users only.
--
Summary: Untrusted uprobes.ko.sig shouldn't be fatal for the
privileged
Product: systemtap
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: runtime
AssignedTo: systemtap at sources dot redhat dot com
ReportedBy: jistone at redhat dot com
OtherBugsDependingO 10907
nThis:
http://sourceware.org/bugzilla/show_bug.cgi?id=10976
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.