[patch] ADJ_OFFSET_SS_READ and capabilities - Kernel

This is a discussion on [patch] ADJ_OFFSET_SS_READ and capabilities - Kernel ; Hi Roman, John, ADJ_OFFSET_SS_READ is a read-only operation. Therefore, it seems reasonable not to require any capability (as is the case when 'modes' is zero. See the patch below. Does this change seem reasonable? Cheers, Michael --- linux-2.6.26-rc5/kernel/time/ntp.c 2008-06-13 11:16:51.000000000 ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: [patch] ADJ_OFFSET_SS_READ and capabilities

  1. [patch] ADJ_OFFSET_SS_READ and capabilities

    Hi Roman, John,

    ADJ_OFFSET_SS_READ is a read-only operation. Therefore, it seems
    reasonable not to require any capability (as is the case when 'modes'
    is zero. See the patch below. Does this change seem reasonable?

    Cheers,

    Michael

    --- linux-2.6.26-rc5/kernel/time/ntp.c 2008-06-13 11:16:51.000000000 +0200
    +++ linux-2.6.26-rc5-p/kernel/time/ntp.c 2008-06-22 07:31:43.000000000 +0200
    @@ -281,7 +281,8 @@
    int result;

    /* In order to modify anything, you gotta be super-user! */
    - if (txc->modes && !capable(CAP_SYS_TIME))
    + if (txc->modes && txc->modes != ADJ_OFFSET_SS_READ &&
    + !capable(CAP_SYS_TIME))
    return -EPERM;

    /* Now we validate the data before disabling interrupts */


    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  2. Re: [patch] ADJ_OFFSET_SS_READ and capabilities


    On Sun, 2008-06-22 at 09:32 +0200, Michael Kerrisk wrote:
    > Hi Roman, John,
    >
    > ADJ_OFFSET_SS_READ is a read-only operation. Therefore, it seems
    > reasonable not to require any capability (as is the case when 'modes'
    > is zero. See the patch below. Does this change seem reasonable?
    >
    > Cheers,
    >
    > Michael
    >
    > --- linux-2.6.26-rc5/kernel/time/ntp.c 2008-06-13 11:16:51.000000000 +0200
    > +++ linux-2.6.26-rc5-p/kernel/time/ntp.c 2008-06-22 07:31:43.000000000 +0200
    > @@ -281,7 +281,8 @@
    > int result;
    >
    > /* In order to modify anything, you gotta be super-user! */
    > - if (txc->modes && !capable(CAP_SYS_TIME))
    > + if (txc->modes && txc->modes != ADJ_OFFSET_SS_READ &&
    > + !capable(CAP_SYS_TIME))
    > return -EPERM;
    >
    > /* Now we validate the data before disabling interrupts */
    >



    Hey Michael,
    This seems like an ok change, but we'd first want to fix the issue you
    pointed out earlier which would make sure adjtimex() read calls don't
    cause side effects.

    thanks
    -john



    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

  3. Re: [patch] ADJ_OFFSET_SS_READ and capabilities

    On Tue, Jul 1, 2008 at 12:07 AM, john stultz wrote:
    >
    > On Sun, 2008-06-22 at 09:32 +0200, Michael Kerrisk wrote:
    >> Hi Roman, John,
    >>
    >> ADJ_OFFSET_SS_READ is a read-only operation. Therefore, it seems
    >> reasonable not to require any capability (as is the case when 'modes'
    >> is zero. See the patch below. Does this change seem reasonable?
    >>
    >> Cheers,
    >>
    >> Michael
    >>
    >> --- linux-2.6.26-rc5/kernel/time/ntp.c 2008-06-13 11:16:51.000000000 +0200
    >> +++ linux-2.6.26-rc5-p/kernel/time/ntp.c 2008-06-22 07:31:43.000000000 +0200
    >> @@ -281,7 +281,8 @@
    >> int result;
    >>
    >> /* In order to modify anything, you gotta be super-user! */
    >> - if (txc->modes && !capable(CAP_SYS_TIME))
    >> + if (txc->modes && txc->modes != ADJ_OFFSET_SS_READ &&
    >> + !capable(CAP_SYS_TIME))
    >> return -EPERM;
    >>
    >> /* Now we validate the data before disabling interrupts */
    >>

    >
    >
    > Hey Michael,
    > This seems like an ok change, but we'd first want to fix the issue you
    > pointed out earlier which would make sure adjtimex() read calls don't
    > cause side effects.


    John, Roman,

    Are you pushing this into 2.6.27-rc1?

    Cheers,

    Michael

    --
    Michael Kerrisk
    Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/
    man-pages online: http://www.kernel.org/doc/man-pages/online_pages.html
    Found a bug? http://www.kernel.org/doc/man-pages/reporting_bugs.html
    --
    To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
    the body of a message to majordomo@vger.kernel.org
    More majordomo info at http://vger.kernel.org/majordomo-info.html
    Please read the FAQ at http://www.tux.org/lkml/

+ Reply to Thread