Source-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: [netbsd-11] src
Module Name: src
Committed By: martin
Date: Mon Jun 29 19:52:23 UTC 2026
Modified Files:
src/distrib/sets/lists/debug [netbsd-11]: mi
src/distrib/sets/lists/tests [netbsd-11]: mi
src/etc [netbsd-11]: MAKEDEV.tmpl
src/sys/modules/lua [netbsd-11]: lua.c
src/sys/sys [netbsd-11]: lua.h
src/tests/kernel [netbsd-11]: Makefile
Added Files:
src/tests/kernel [netbsd-11]: t_lua.c
Log Message:
Pull up following revision(s) (requested by riastradh in ticket #350):
sys/modules/lua/lua.c: revision 1.29
distrib/sets/lists/tests/mi: revision 1.1422
tests/kernel/t_lua.c: revision 1.1
etc/MAKEDEV.tmpl: revision 1.239
distrib/sets/lists/debug/mi: revision 1.514
tests/kernel/Makefile: revision 1.97
sys/sys/lua.h: revision 1.10
MAKEDEV: Set default perms on /dev/lua to 0600.
Otherwise unprivileged users can submit Lua code into the kernel, if
lua.kmod is loaded (which doesn't happen by default, not even
autoloaded on demand).
PR misc/60375: lua.kmod enables local privilege escalation
lua(4): Fix and test some issues.
- Require read permission for LUAINFO.
- Require write permission for all others:
. LUACREATE
. LUADESTROY
. LUALOAD
. LUAREQUIRE
- Don't panic in LUAINFO if there's zero states.
- Add missing sys/stdbool.h in sys/lua.h.
This is not a real test suite for lua.kmod -- it doesn't verify the
module does anything useful; it just verifies that _if_ you go out of
your way to load the experimental kernel module, it doesn't enable
unprivileged users to wreak havoc with /dev/lua.
PR misc/60375: lua.kmod enables local privilege escalation
To generate a diff of this commit:
cvs rdiff -u -r1.485.2.8 -r1.485.2.9 src/distrib/sets/lists/debug/mi
cvs rdiff -u -r1.1387.2.8 -r1.1387.2.9 src/distrib/sets/lists/tests/mi
cvs rdiff -u -r1.237 -r1.237.2.1 src/etc/MAKEDEV.tmpl
cvs rdiff -u -r1.28 -r1.28.12.1 src/sys/modules/lua/lua.c
cvs rdiff -u -r1.9 -r1.9.8.1 src/sys/sys/lua.h
cvs rdiff -u -r1.96 -r1.96.2.1 src/tests/kernel/Makefile
cvs rdiff -u -r0 -r1.1.2.2 src/tests/kernel/t_lua.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index