security: remove root_plug
Remove the root_plug example LSM code. It's unmaintained and increasingly broken in various ways. Made at the 2009 Kernel Summit in Tokyo! Acked-by: Greg Kroah-Hartman <gregkh@suse.de> Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
parent
b7f3008ad1
commit
3e1c2515ac
|
@ -85,7 +85,6 @@ parameter is applicable:
|
|||
PPT Parallel port support is enabled.
|
||||
PS2 Appropriate PS/2 support is enabled.
|
||||
RAM RAM disk support is enabled.
|
||||
ROOTPLUG The example Root Plug LSM is enabled.
|
||||
S390 S390 architecture is enabled.
|
||||
SCSI Appropriate SCSI support is enabled.
|
||||
A lot of drivers has their options described inside of
|
||||
|
@ -2163,15 +2162,6 @@ and is between 256 and 4096 characters. It is defined in the file
|
|||
Useful for devices that are detected asynchronously
|
||||
(e.g. USB and MMC devices).
|
||||
|
||||
root_plug.vendor_id=
|
||||
[ROOTPLUG] Override the default vendor ID
|
||||
|
||||
root_plug.product_id=
|
||||
[ROOTPLUG] Override the default product ID
|
||||
|
||||
root_plug.debug=
|
||||
[ROOTPLUG] Enable debugging output
|
||||
|
||||
rw [KNL] Mount root device read-write on boot
|
||||
|
||||
S [KNL] Run init in single mode
|
||||
|
|
|
@ -100,19 +100,6 @@ config SECURITY_FILE_CAPABILITIES
|
|||
|
||||
If in doubt, answer N.
|
||||
|
||||
config SECURITY_ROOTPLUG
|
||||
bool "Root Plug Support"
|
||||
depends on USB=y && SECURITY
|
||||
help
|
||||
This is a sample LSM module that should only be used as such.
|
||||
It prevents any programs running with egid == 0 if a specific
|
||||
USB device is not present in the system.
|
||||
|
||||
See <http://www.linuxjournal.com/article.php?sid=6279> for
|
||||
more information about this module.
|
||||
|
||||
If you are unsure how to answer this question, answer N.
|
||||
|
||||
config INTEL_TXT
|
||||
bool "Enable Intel(R) Trusted Execution Technology (Intel(R) TXT)"
|
||||
depends on HAVE_INTEL_TXT
|
||||
|
|
|
@ -18,7 +18,6 @@ obj-$(CONFIG_SECURITY_SELINUX) += selinux/built-in.o
|
|||
obj-$(CONFIG_SECURITY_SMACK) += smack/built-in.o
|
||||
obj-$(CONFIG_AUDIT) += lsm_audit.o
|
||||
obj-$(CONFIG_SECURITY_TOMOYO) += tomoyo/built-in.o
|
||||
obj-$(CONFIG_SECURITY_ROOTPLUG) += root_plug.o
|
||||
obj-$(CONFIG_CGROUP_DEVICE) += device_cgroup.o
|
||||
|
||||
# Object integrity file lists
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
/* Common capabilities, needed by capability.o and root_plug.o
|
||||
/* Common capabilities, needed by capability.o.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
|
|
|
@ -1,90 +0,0 @@
|
|||
/*
|
||||
* Root Plug sample LSM module
|
||||
*
|
||||
* Originally written for a Linux Journal.
|
||||
*
|
||||
* Copyright (C) 2002 Greg Kroah-Hartman <greg@kroah.com>
|
||||
*
|
||||
* Prevents any programs running with egid == 0 if a specific USB device
|
||||
* is not present in the system. Yes, it can be gotten around, but is a
|
||||
* nice starting point for people to play with, and learn the LSM
|
||||
* interface.
|
||||
*
|
||||
* If you want to turn this into something with a semblance of security,
|
||||
* you need to hook the task_* functions also.
|
||||
*
|
||||
* See http://www.linuxjournal.com/article.php?sid=6279 for more information
|
||||
* about this code.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU General Public License as
|
||||
* published by the Free Software Foundation, version 2 of the
|
||||
* License.
|
||||
*/
|
||||
|
||||
#include <linux/kernel.h>
|
||||
#include <linux/init.h>
|
||||
#include <linux/security.h>
|
||||
#include <linux/usb.h>
|
||||
#include <linux/moduleparam.h>
|
||||
|
||||
/* default is a generic type of usb to serial converter */
|
||||
static int vendor_id = 0x0557;
|
||||
static int product_id = 0x2008;
|
||||
|
||||
module_param(vendor_id, uint, 0400);
|
||||
module_param(product_id, uint, 0400);
|
||||
|
||||
/* should we print out debug messages */
|
||||
static int debug = 0;
|
||||
|
||||
module_param(debug, bool, 0600);
|
||||
|
||||
#define MY_NAME "root_plug"
|
||||
|
||||
#define root_dbg(fmt, arg...) \
|
||||
do { \
|
||||
if (debug) \
|
||||
printk(KERN_DEBUG "%s: %s: " fmt , \
|
||||
MY_NAME , __func__ , \
|
||||
## arg); \
|
||||
} while (0)
|
||||
|
||||
static int rootplug_bprm_check_security (struct linux_binprm *bprm)
|
||||
{
|
||||
struct usb_device *dev;
|
||||
|
||||
root_dbg("file %s, e_uid = %d, e_gid = %d\n",
|
||||
bprm->filename, bprm->cred->euid, bprm->cred->egid);
|
||||
|
||||
if (bprm->cred->egid == 0) {
|
||||
dev = usb_find_device(vendor_id, product_id);
|
||||
if (!dev) {
|
||||
root_dbg("e_gid = 0, and device not found, "
|
||||
"task not allowed to run...\n");
|
||||
return -EPERM;
|
||||
}
|
||||
usb_put_dev(dev);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
static struct security_operations rootplug_security_ops = {
|
||||
.bprm_check_security = rootplug_bprm_check_security,
|
||||
};
|
||||
|
||||
static int __init rootplug_init (void)
|
||||
{
|
||||
/* register ourselves with the security framework */
|
||||
if (register_security (&rootplug_security_ops)) {
|
||||
printk (KERN_INFO
|
||||
"Failure registering Root Plug module with the kernel\n");
|
||||
return -EINVAL;
|
||||
}
|
||||
printk (KERN_INFO "Root Plug module initialized, "
|
||||
"vendor_id = %4.4x, product id = %4.4x\n", vendor_id, product_id);
|
||||
return 0;
|
||||
}
|
||||
|
||||
security_initcall (rootplug_init);
|
Loading…
Reference in New Issue
Block a user