Fix broken ownership of /proc/sys/ files

Bug #298887 reported by Tim Gardner
Affects | Status | Importance | Assigned to | Milestone
linux (Ubuntu) | Fix Released | Undecided | Tim Gardner |
Intrepid | Fix Released | High | Tim Gardner |
Jaunty | Fix Released | Undecided | Tim Gardner |

Bug Description

Some files that can be created in the /proc file system are not owned by root, which is a security vulnerability.

Tim Gardner (timg-tpi) wrote :

SRU Justification

Impact: files can be created in /proc without root ownership

Patch description: Initialize the inode i_uid field to 0.

Patch: http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-intrepid.git;a=commit;h=c31299bdbd8c19353b105a1915a06c0fca5a3ec8

Test Case: see bug description

Changed in linux:
assignee: nobody → timg-tpi
importance: Undecided → High
milestone: none → intrepid-updates
status: New → Fix Committed
status: New → Invalid
Martin Pitt (pitti) wrote :

Missing rationale why this is invalid in Jaunty, and it is implausible that it is. Please explain, or fix in jaunty as well.

Changed in linux:
assignee: nobody → timg-tpi
status: Invalid → In Progress
Martin Pitt (pitti) wrote :

Accepted linux into intrepid-proposed, please test and give feedback here. Please see https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Thank you in advance!

Steve Beattie (sbeattie) wrote :

I have verified that the intrepid kernel 2.6.27-9.19 would set up files in /proc/sys that were owned by uids other than 0, and that the kernel in intrepid-proposed, 2.6.27-10.13, fixes the issue and that all the files and directories under /proc/sys are owned by uid and gid 0.

Steve Beattie (sbeattie) wrote :

This was fixed in intrepid in the 2.6.27-11 kernel update, closing. Is this an open issue in jaunty?

Changed in linux:
status: Fix Committed → Fix Released
Steve Beattie (sbeattie) wrote :

I've confirmed this is fixed in jaunty, closing.

Changed in linux:
status: In Progress → Fix Released
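
The verification described in the comments above (every file and directory under /proc/sys owned by uid and gid 0) can be scripted as follows. This is an added example, not code from the bug report or the Ubuntu kernel; the name `find_misowned` and its parameters are assumptions made for illustration.

```python
import os
import stat
import sys


def find_misowned(root="/proc/sys", want_uid=0, want_gid=0):
    """Return sorted (path, uid, gid, mode) tuples for every entry under
    root (root itself included) whose owner or group differs from the
    expected uid/gid. Hypothetical helper, not part of the kernel patch."""
    hits = []

    def check(path):
        try:
            st = os.lstat(path)  # lstat: judge the entry, not a symlink target
        except OSError:
            return  # entry vanished or is unreadable; procfs is dynamic
        if st.st_uid != want_uid or st.st_gid != want_gid:
            hits.append((path, st.st_uid, st.st_gid, stat.filemode(st.st_mode)))

    check(root)
    # followlinks=False keeps the walk inside the tree being audited.
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            check(os.path.join(dirpath, name))
    return sorted(hits)


def main(argv):
    root = argv[1] if len(argv) > 1 else "/proc/sys"
    hits = find_misowned(root)
    for path, uid, gid, mode in hits:
        print(f"{mode} uid={uid} gid={gid} {path}")
    print(f"{len(hits)} entries under {root} not owned by 0:0")
    return 1 if hits else 0  # non-zero exit lets a test harness fail the run


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it once on the kernel under test and once on the kernel from -proposed; a fixed kernel should report zero entries.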