Commit 8c559d30 authored by Vasiliy Kulikov's avatar Vasiliy Kulikov Committed by Artem Bityutskiy

UBIFS: restrict world-writable debugfs files

Don't allow everybody to dump sensitive information about filesystems.
Signed-off-by: default avatarVasiliy Kulikov <segoon@openwall.com>
Signed-off-by: default avatarArtem Bityutskiy <Artem.Bityutskiy@nokia.com>
parent be7b42a5
...@@ -2813,19 +2813,19 @@ int dbg_debugfs_init_fs(struct ubifs_info *c) ...@@ -2813,19 +2813,19 @@ int dbg_debugfs_init_fs(struct ubifs_info *c)
} }
fname = "dump_lprops"; fname = "dump_lprops";
dent = debugfs_create_file(fname, S_IWUGO, d->dfs_dir, c, &dfs_fops); dent = debugfs_create_file(fname, S_IWUSR, d->dfs_dir, c, &dfs_fops);
if (IS_ERR(dent)) if (IS_ERR(dent))
goto out_remove; goto out_remove;
d->dfs_dump_lprops = dent; d->dfs_dump_lprops = dent;
fname = "dump_budg"; fname = "dump_budg";
dent = debugfs_create_file(fname, S_IWUGO, d->dfs_dir, c, &dfs_fops); dent = debugfs_create_file(fname, S_IWUSR, d->dfs_dir, c, &dfs_fops);
if (IS_ERR(dent)) if (IS_ERR(dent))
goto out_remove; goto out_remove;
d->dfs_dump_budg = dent; d->dfs_dump_budg = dent;
fname = "dump_tnc"; fname = "dump_tnc";
dent = debugfs_create_file(fname, S_IWUGO, d->dfs_dir, c, &dfs_fops); dent = debugfs_create_file(fname, S_IWUSR, d->dfs_dir, c, &dfs_fops);
if (IS_ERR(dent)) if (IS_ERR(dent))
goto out_remove; goto out_remove;
d->dfs_dump_tnc = dent; d->dfs_dump_tnc = dent;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment