From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 22892 invoked by alias); 17 Nov 2009 23:28:41 -0000 Received: (qmail 22850 invoked by uid 48); 17 Nov 2009 23:28:28 -0000 Date: Tue, 17 Nov 2009 23:28:00 -0000 From: "jistone at redhat dot com" To: systemtap@sources.redhat.com Message-ID: <20091117232827.10976.jistone@redhat.com> Reply-To: sourceware-bugzilla@sourceware.org Subject: [Bug runtime/10976] New: Untrusted uprobes.ko.sig shouldn't be fatal for the privileged X-Bugzilla-Reason: AssignedTo Mailing-List: contact systemtap-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Post: List-Help: , Sender: systemtap-owner@sourceware.org X-SW-Source: 2009-q4/txt/msg00558.txt.bz2 Users in the stapdev group and root can load their script module regardless of whether it has an authorized signature, as long as it is not found as MODULE_ALTERED. The same should be true for loading uprobes.ko. (We might even permit this for stapusr, since it's loading from the installed runtime path...) A missing or unauthorized uprobes.ko cert should only be fatal for non-root, non-stapdev users -- i.e. unprivileged users only. -- Summary: Untrusted uprobes.ko.sig shouldn't be fatal for the privileged Product: systemtap Version: unspecified Status: NEW Severity: normal Priority: P2 Component: runtime AssignedTo: systemtap at sources dot redhat dot com ReportedBy: jistone at redhat dot com OtherBugsDependingO 10907 nThis: http://sourceware.org/bugzilla/show_bug.cgi?id=10976 ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.