Re: [PATCH] Add user taint flag
- From: "Randy.Dunlap" <rdunlap@xxxxxxxxxxxx>
- Date: Mon, 22 May 2006 08:48:40 -0700
On Sun, 21 May 2006 19:04:32 -0400 Theodore Ts'o wrote:
Allow taint flags to be set from userspace by writing to
/proc/sys/kernel/tainted, and add a new taint flag, TAINT_USER, to be
used when userspace is potentially doing something naughty that might
compromise the kernel. This will allow support personnel to ask further
questions about what may have caused the user taint flag to have been
set. (For example, by examining the logs of the JVM to determine what
evil things might have been lurking in the hearts of Java programs. :-)
Signed-off-by: "Theodore Ts'o" <tytso@xxxxxxx>
Index: linux-2.6/kernel/sysctl.c
===================================================================
--- linux-2.6.orig/kernel/sysctl.c 2006-03-25 21:26:38.000000000 -0500
+++ linux-2.6/kernel/sysctl.c 2006-05-21 19:00:15.000000000 -0400
@@ -1835,6 +1835,23 @@
do_proc_dointvec_bset_conv,&op);
}
+/*
+ * Taint values can only be increased
+ */
+int proc_dointvec_taint(ctl_table *table, int write, struct file *filp,
+ void __user *buffer, size_t *lenp, loff_t *ppos)
+{
+ int op;
+
+ if (!capable(CAP_SYS_ADMIN)) {
+ return -EPERM;
+ }
no braces.
+
+ op = OP_OR;
+ return do_proc_dointvec(table,write,filp,buffer,lenp,ppos,
+ do_proc_dointvec_bset_conv,&op);
find/use that spacebar (after commas).
+}
+
struct do_proc_dointvec_minmax_conv_param {
int *min;
int *max;
---
~Randy
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
- References:
- [PATCH] Add user taint flag
- From: Theodore Ts'o
- [PATCH] Add user taint flag
- Prev by Date: RT patch + LTTng
- Next by Date: Re: [IDEA] Poor man's UPS
- Previous by thread: Re: [PATCH] Add user taint flag
- Next by thread: Re: [PATCH] Add user taint flag
- Index(es):
Relevant Pages
|
