[PATCH] make /proc/tty/driver/ S_IRUSR | S_IXUSR for root only

From: Chris Wright <chrisw@osdl.org> Fix for CAN-2003-0461: /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.

[PATCH] make /proc/tty/driver/ S_IRUSR | S_IXUSR for root only
From: Chris Wright <chrisw@osdl.org> Fix for CAN-2003-0461: /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
4b66a41d · Andrew Morton · Linus Torvalds · ce3323db · 4b66a41d · 4b66a41d
Commit 4b66a41d authored Dec 29, 2003 by Andrew Morton Committed by Linus Torvalds Dec 29, 2003
Hide whitespace changes
Inline Side-by-side

Showing with 18 additions and 4 deletions

fs/proc/generic.c fs/proc/generic.c +9 -3

fs/proc/proc_tty.c fs/proc/proc_tty.c +7 -1

include/linux/proc_fs.h include/linux/proc_fs.h +2 -0

No files found.
--- a/fs/proc/generic.c
+++ b/fs/proc/generic.c
@@ -567,12 +567,12 @@ struct proc_dir_entry *proc_symlink(const char *name,
 	return ent;
 }

-struct proc_dir_entry *proc_mkdir(const char *name, struct proc_dir_entry *parent)
+struct proc_dir_entry *proc_mkdir_mode(const char *name, mode_t mode,
+		struct proc_dir_entry *parent)
 {
 	struct proc_dir_entry *ent;

-	ent = proc_create(&parent,name,
-			  (S_IFDIR | S_IRUGO | S_IXUGO),2);
+	ent = proc_create(&parent, name, S_IFDIR | mode, 2);
 	if (ent) {
 		ent->proc_fops = &proc_dir_operations;
 		ent->proc_iops = &proc_dir_inode_operations;
@@ -585,6 +585,12 @@ struct proc_dir_entry *proc_mkdir(const char *name, struct proc_dir_entry *paren
 	return ent;
 }

+struct proc_dir_entry *proc_mkdir(const char *name,
+		struct proc_dir_entry *parent)
+{
+	return proc_mkdir_mode(name, S_IRUGO | S_IXUGO, parent);
+}
+
 struct proc_dir_entry *create_proc_entry(const char *name, mode_t mode,
 					 struct proc_dir_entry *parent)
 {

--- a/fs/proc/proc_tty.c
+++ b/fs/proc/proc_tty.c
@@ -229,7 +229,13 @@ void __init proc_tty_init(void)
 	if (!proc_mkdir("tty", 0))
 		return;
 	proc_tty_ldisc = proc_mkdir("tty/ldisc", 0);
-	proc_tty_driver = proc_mkdir("tty/driver", 0);
+	/*
+	 * /proc/tty/driver/serial reveals the exact character counts for
+	 * serial links which is just too easy to abuse for inferring
+	 * password lengths and inter-keystroke timings during password
+	 * entry.
+	 */
+	proc_tty_driver = proc_mkdir_mode("tty/driver", S_IRUSR | S_IXUSR, 0);

 	create_proc_read_entry("tty/ldiscs", 0, 0, tty_ldiscs_read_proc,NULL);
 	entry = create_proc_entry("tty/drivers", 0, NULL);

--- a/include/linux/proc_fs.h
+++ b/include/linux/proc_fs.h
@@ -141,6 +141,8 @@ extern void proc_rtas_init(void);
 extern struct proc_dir_entry *proc_symlink(const char *,
 		struct proc_dir_entry *, const char *);
 extern struct proc_dir_entry *proc_mkdir(const char *,struct proc_dir_entry *);
+extern struct proc_dir_entry *proc_mkdir_mode(const char *name, mode_t mode,
+			struct proc_dir_entry *parent);

 static inline struct proc_dir_entry *create_proc_read_entry(const char *name,
 	mode_t mode, struct proc_dir_entry *base,